Hilton Worldwide said Tuesday it has identified and eliminated malware that targeted customer card information during a 17-week period.
The attack on some of the lodging company's point of sale systems targeted cardholder names as well as card numbers, security codes and expiration dates. Hilton advised customers who used a payment card at one of its hotels from April 21 to July 27 of this year, or between Nov. 18 and Dec. 5 of last year, to review their statements.
"Hilton Worldwide is strongly committed to protecting customers' payment card information, and we sincerely regret any inconvenience this may have caused customers," the company said in a statement.
Hilton added that it has "further strengthened its systems" since identifying the attack.
The company's shares were unchanged in after-hours trading
Cybersecurity journalist Brian Krebs, citing several banking sources, reported on his blog in September that a pattern of fraud has been detected involving credit cards that had been used at point-of-sale registers in gift shops and restaurants at "a large number of Hilton Hotel and franchise properties."
Earlier this week, Starwood Hotel & Resorts Worldwide announced that point-of-sale systems at 54 of its hotels in North America had been infected with a malware designed to collect payment card data. The company said the affected payment systems were at the restaurants, gift shops and other places in the hotels, and did not affect its reservation or rewards program systems.
NBC News' James Eng contributed to this report.