c.2014 New York Times News Service

c.2014 New York Times News Service

SAN FRANCISCO ó In the latest in a spate of online attacks affecting U.S. businesses, White Lodging, which manages hotel franchises for chains like Marriott, Hilton and Starwood Hotels, is investigating a potential security breach involving customersí payment information.

White Lodging Services Corp., which works with 168 hotels in 21 states, confirmed that it was examining the data breach.

The intrusion into its systems was first posted by Brian Krebs, a security blogger, Friday, when he reported that the breach might have resulted in the fraudulent use of hundreds of credit and debit cards for payment at Marriott hotels between March 2013 and the end of the year.

Krebs was also first to report the hacking of consumer data from Target, Neiman Marcus and Michaels.

Krebs said that he was alerted to fraudulent transactions at scattered Marriott hotel locations by unnamed people in the banking industry. The locations where the fraudulent activity took place were all managed by White Lodging, which is based in Merrillville, Ind.

Kathleen Quilligan, a spokeswoman for White Lodging, confirmed the company was investigating.

Separately, Marriott confirmed that a franchisee had experienced unusual fraud activity connected to the systems that process credit card transactions for hotels including Marriott and others. The company said it was working closely with the franchisee as it investigated.

A spokesman for the Secret Service could not immediately say whether the agency was investigating the breach of White Lodging data. The Secret Service is conducting separate inquiries into the breaches at Target, Neiman Marcus and Michaels.

A band of hackers in Eastern Europe is believed to be responsible for those data thefts, and may be behind a broader attack directed at as many as half a dozen other retailers, according to two people investigating the breaches who spoke on the condition of anonymity.

The thefts have reignited the push for more secure credit and debit cards, similar to those used in Europe and elsewhere, and have prompted congressional calls for tougher consumer protections and federal breach notification requirements.

In addition to investigations by federal and some state authorities, at least three congressional panels will begin holding hearings on consumer data theft. A Senate banking subcommittee will hear testimony Monday; Targetís chief financial officer, John Mulligan, will testify before the Senate Judiciary Committee along with law enforcement officials. A third hearing, in the House Commerce Committee, will take place Wednesday.