News 6 learned on Tuesday a data breach at Orlando-based Rosen Hotels & Resorts may have compromised payment cards used at the hotels by guests as far back as 2014.
According to Rosen's website, the company received unconfirmed reports on Feb. 3 about a pattern of unauthorized charges on payment cards after the cards were used by some guests during their stays. The company then launched an investigation into the payment card processing system.
"Findings from the investigation show that an unauthorized person installed malware in RH&R’s payment card network that searched for data read from the magnetic stripe of payment cards as it was routed through the affected systems," Rosen said on its website. "In some instances the malware identified payment card data that included cardholder name, card number, expiration date, and internal verification code. In other instances the malware only found payment card data that did not include cardholder name."
Cards used at the hotels between Sept. 2, 2014 and Feb. 18, 2016, could be compromised, according to the website. Officials said they are working with the card networks to identify those affected and increase monitoring on those accounts.
Rosen has established a helpline at 855-907-3214 for guests with questions from 8 a.m. to 8 p.m. Monday through Friday.
Rosen also posted information on ways for guests to protect themselves.