Мандарин Ориентал зээлийн картын зөрчлийн талаар мэдэгдэл гаргажээ

Хонг Конг – Энэ оны эхээр Mandarin Oriental компани доор жагсаасан манай хэд хэдэн зочид буудлуудад манай зээлийн картын системд хортой програмын халдлагыг илрүүлсэн. Үүний хариуд бид вэбсайтдаа олон нийтэд мэдэгдэл гаргаж, зочдод халдлагын талаар сэрэмжлүүлэх үүднээс тэдний зээлийн картын үйл ажиллагааг хянах идэвхтэй арга хэмжээ авах боломжтой болсон. Мөн бид хууль сахиулах байгууллага, кибер шүүх эмнэлгийн мэргэжилтнүүд болон зээлийн картын зохих компаниудыг мөрдөн байцаалтын ажиллагааг зохицуулах, зочдод туслах цаашдын арга хэмжээг авах зорилгоор нэн даруй татан оролцуулсан. Нарийвчилсан мөрдөн байцаалтын дараа бид болсон явдлын талаар илүү ихийг мэдэж, нөлөөлөлд өртсөн зочдод мэдэгдэж байна. Зөрчлийн талаар зочдоос асууж болох аливаа асуултыг шийдвэрлэхэд бэлэн байгаа дуудлагын төвийг бид байгуулсан. Энэ хэрэг гарсанд бид харамсаж, учирч болзошгүй төвөг учруулсанд харамсаж байна. Бид зочдынхоо аюулгүй байдал, тэдний хувийн мэдээлэлд маш нухацтай ханддаг бөгөөд зочдын маань бидэнд итгэх итгэл туйлын нэн тэргүүний зорилт хэвээр байна.

From our investigation, it appears that a hacker used malware to obtain access to certain credit card systems in a number of Mandarin Oriental hotels. We believe this hacker may have used the malware to acquire the names and credit card numbers of guests who used a credit card for dining, beverage, spa, guest rooms, or other products and services at the following Mandarin Oriental properties during these time periods; we have not, however, found any evidence of acquisition or misuse of credit card pin numbers or security codes, or any other personal guest data:

Mandarin Oriental, Boston between June 18, 2014 and March 12, 2015

Mandarin Oriental, Geneva between June 18, 2014 and March 3, 2015

Mandarin Oriental, Hong Kong between June 18, 2014 and February 10, 2015

Mandarin Oriental Hyde Park, London between June 18, 2014 and March 5, 2015

Mandarin Oriental, Las Vegas between June 18, 2014 and October 16, 2014

Mandarin Oriental, Miami between June 18, 2014 and March 3, 2015

Mandarin Oriental, New York between June 18, 2014 and January 18, 2015

Mandarin Oriental, San Francisco between June 18, 2014 and February 14, 2015

Mandarin Oriental, Washington DC between June 18, 2014 and January 20, 2015

The Landmark Mandarin Oriental, Hong Kong between June 18, 2014 and February 3, 2015

Since we were first alerted to this attack, we have been investigating this incident across multiple countries and properties, and working in coordination with law enforcement and the credit card companies. We have timed this notice to avoid disrupting or impeding their concurrent investigations. We have also taken comprehensive steps to ensure that the malware has been removed and that the hacker is no longer in our systems.

In some instances, a credit card company may have already replaced the potentially affected credit card if it determined that the guest was at risk. We encourage potentially affected guests to remain vigilant for instances of fraud and identity theft, and to regularly review and monitor relevant account statements and credit reports to ensure the information contained in them is accurate. If any unauthorized charges on credit or debit card(s) are detected, guests should contact their card issuer. If anything is seen that is incorrect on credit reports, guests should contact the credit reporting agency. Suspected incidents of identity theft should be reported to local law enforcement. Even if no signs of fraud are found on reports or account statements, security experts suggest that credit reports and account statements should be checked periodically.

FOR UNITED STATES RESIDENTS

Луйврын сэрэмжлүүлэг

Individuals who believe they may be affected by this incident may elect to place a fraud alert with the major credit reporting agencies on their credit files. Their contact information is as follows:

Equifax Equifax Information Services ХХК
Шуудангийн хайрцаг 105069
Атланта, GA 30348-5069 800-525-6285 www.equifax.com

Experian Experian залилан мэхлэлтийн тайлан
Шуудангийн хайрцаг 9554
Аллен, Техас 75013 888-397-3742 www.experian.com

ТрансЮнион ТрансЮнион ХХК
Шуудангийн хайрцаг 6790
Фуллертон, Калифорниа 92834-6790 800-680-7289 www.transunion.com

A fraud alert lasts 90 days, and requires potential creditors to use “reasonable policies and procedures” to verify their identity before issuing credit in their name (as soon as one agency is notified, the others are notified to place fraud alerts as well). Individuals can also request these agencies to provide them with a copy of their credit report. The fraud alert can be kept in place at the credit reporting agencies by calling again after 90 days.

Security freeze

Individuals can also ask these same credit reporting agencies to place a security freeze on their credit report. A security freeze prohibits a credit reporting agency from releasing any information from an individual’s credit report without written authorization. Placing a security freeze on the credit report may delay, interfere with, or prevent the timely approval of any requests from the individual concerned. This may include requests for new loans, credit, mortgages, employment, housing or other services. If individuals want to have a security freeze placed on their account, they must make a request in writing by certified mail to the reporting agencies. The reporting agencies will ask for certain personal information, which will vary depending on where the individual lives and the credit reporting agency. It normally includes name, social security number, date of birth, and current and prior addresses (and proof thereof), and a copy of government-issued identification.

The cost to place, temporarily lift, or permanently lift a credit freeze varies by state. Generally, the credit reporting agencies will charge $5.00 or $10.00. However, if the individual is the victim of identity theft and has a copy of a valid investigative or incident report, or complaint with a law enforcement agency, in many states it is free. Individuals have the right to a police report under certain state laws.