Updated: Nov. 25, 2015

If you thought credit card breaches were limited to restaurants and retail stores, you were unfortunately mistaken. Cybersecurity blogger Brian Krebs has written about numerous hotel chain credit card breaches over the past year, including Mandarin Oriental and White Lodging, and he has now added two more to this list. Hilton Hotels and Trump Hotel Collection have both been revealed by multiple financial institutions as the source of credit card fraud perpetrated in recent months. Americans who are frequent travelers might want to pay close attention to their credit and debit card statements, especially if a hotel in any of these lines has been part of your itinerary in the past year.

What details should I know about these hotel breaches?

If you are a Trump Hotel Collection customer …

trump hotel breachThe Trump Hotel Collection breach was first reported by Krebs in the beginning of July, and the company quickly confirmed that it had detected a security issue. Three months later, following an investigation, an official notice was posted to the Trump website along with detailed information regarding which specific hotels were part of the breach. These include the Trump SoHo New York, Trump National Doral, Trump International New York, Trump International Chicago, Trump International Waikiki, Trump International Hotel & Tower Las Vegas and Trump International Toronto, and the breach affects customers who used credit or debit cards at any of these hotels between May 19, 2014 and June 2, 2015.

In addition to payment card information — such as card numbers, expiration dates and security codes — some transactions at the Last Vegas and Waikiki locations may have also revealed customers’ names. Trump customers who stayed at any of the affected hotels during the breach time period can contact the company via a toll-free number for information on the year of complimentary fraud resolution and identity theft protection services being offered through Experian.

If you are a Hilton customer …

hilton hotel breachFollowing reports on Sept. 28 that a pattern of fraud had been detected by multiple banks and tracked to Hilton-branded hotels as the source, the company confirmed an investigation. After Visa notified financial institutions in August 2015 about fraudulent activity, five banks concluded that the fraud pattern could be linked to Hilton locations. A Nov. 24 press release from Hilton confirmed that a security breach had occurred via malware targeting the point-of-sale (POS) systems at some of its hotels. The credit card breach is not linked to the guest reservation systems, but rather a problem with the POS systems within gift shops and restaurants at these hotels and properties.

Concerned customers should look for unusual charges on their credit or debit cards between Nov. 18 to Dec. 5, 2014 or April 21 to July 27, 2015, according to the Hilton website. In addition to flagship Hilton properties, other at-risk locations for this breach include Embassy Suites, Doubletree, Hampton Inn and Suites and Waldorf Astoria Hotels & Resorts. According to the statement released by Hilton, customers who used a payment card at a Hilton Worldwide hotel between the dates the breaches occurred are eligible for one year of complimentary identity theft protection through AllClear ID.

How can I protect myself?

The most important thing that anyone — whether you have made any purchases at one of these hotel locations or not — can do is to pay close attention at all times to credit and debit card statements. Not only is it important to actually open and read those monthly billing statements, but it’s a good idea to monitor your credit and bank accounts on a regular basis (daily or at least weekly) using the online account access most provide. Identity theft is everywhere, and it’s sadly very easy to have your payment card information stolen in a breach or even when you’re using the ATM. Monitoring your statements means you are likely to spot fraud when it happens, rather than finding out down the road. If you do notice fraudulent purchases on your statement, you should contact the financial institution immediately to report it.

It’s also worthwhile to consider signing up for an identity theft protection service. While these services cannot prevent identity theft (no one can), they are excellent resources in the event that fraud is committed in your name. Most provide excellent identity restoration services that can help you with placing the necessary phone calls and walk you through the steps you must take depending on what kind of fraud you’re dealing with. Additionally, most of these services also help by monitoring the Internet black market for your information — notifying you if something is found — as well as providing three-bureau credit report monitoring and access to your credit reports so you can ensure nothing suspicious has made its way onto your reports.

You can learn more about protecting your identity in the wake of a data breach by following our data breach blog and find out about the top-rated identity theft services by reading our in-depth reviews.