Starwood says hackers were able to see debit and credit card information of some people that dined or shopped at 54 of its hotels, including some Sheraton, Westin and W locations.
The Stamford, Connecticut-based hotelier says malware was found in payment systems at hotel restaurants, gift shops and other retail areas, but not at the front desk where guests pay for their stay.
The hotels include a St. Regis in Bal Harbour, Florida, and Sheraton, Westin and W locations in several cities, including Los Angeles and New York. The malware, which has since been removed, infected payment systems since as early as November 2014.
Starwood Hotels & Resorts Worldwide Inc. says the malware exposed names on the cards as well as card numbers, security codes and expiration dates.
Here's a list of affected SoCal hotels from the company's website: