DoubleTree by Hilton Company Cyber Security Posture
doubletree.comDoubleTree by Hilton hotels are distinctively designed properties that provide true comfort to todayโs business and leisure travelers. From the millions of delighted hotel guests who are welcomed with the brandโs legendary, warm chocolate chip cookies at check-in to the advantages of the award-winning Hilton HHonorsยฎ guest reward program, each DoubleTree by Hilton guest receives a satisfying stay wherever their travels take them. With a growing collection of contemporary, upscale accommodations in more than 375+ gateway cities, metropolitan areas and vacation destinations worldwide. DoubleTree by Hilton is part of Hilton Worldwide (NYSE: HLT), a leading global hospitality company spanning the lodging sector from luxury and full-service hotels and resorts to extended-stay suites and focused-service hotels. For 95 years, Hilton Worldwide has been dedicated to continuing its tradition of providing exceptional guest experiences. The companyโs portfolio of eleven world-class global brands is comprised of more than 4,100 managed, franchised, owned and leased hotels and timeshare properties, with more than 685,000 rooms in 92 countries and territories, including Hilton Hotels & Resorts, Waldorf Astoria Hotels & Resorts, Conrad Hotels & Resorts, Curio โ A Collection by Hilton, DoubleTree by Hilton, Embassy Suites Hotels, Hilton Garden Inn, Hampton Hotels, Homewood Suites by Hilton, Home2 Suites by Hilton and Hilton Grand Vacations. The company also manages an award-winning customer loyalty program, Hilton Honors.
DH Company Details
doubletree-hilton
15099 employees
131691.0
721
Hospitality
doubletree.com
Scan still pending
DOU_3954735
In-progress
DH Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
DH Global Score.png)
DoubleTree by Hilton Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
DoubleTree by Hilton Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Hilton Hotels & Resorts | Breach | 100 | 6 | 09/2015 | HIL15823422 | Link | |
Rankiteo Explanation : Attack threatening the economy of a geographical regionDescription: The credit card details of numerous customers were leaked after common point-of-sale registers in gift shops and restaurants at a large number of Hilton Hotel was compromised. Hilton hotel apologized to all the customers and investigated the incident with the data security team. The hotel was also fined $700K for the breach. | |||||||
| Hilton | Breach | 50 | 2 | 11/2015 | HIL1733261023 | Link | |
Rankiteo Explanation : Attack limited on finance or reputationDescription: Hilton Worldwide Holdings, a hotel group, revealed that credit card information was stolen by cybercriminals from a few of its point-of-sale systems. Executive vice president of Hilton Global Brands Jim Holthouser claims that malware compromised PoS systems, enabling hackers to obtain client information such as credit card numbers, expiration dates, security codes, and names of credit card holders. In certain point-of-sale systems, unauthorised malware that targeted credit card information has been found and removed by Hilton Worldwide. It was discovered that the data breach did not expose the customer's addresses or personal identification numbers. | |||||||
| Hilton Hotels & Resorts | Breach | 100 | 5 | 11/2017 | HIL2335171223 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The Hilton hotel chain was accused of improperly handling two distinct cyberattacks that resulted in the exposure of its customers' financial information, and as a result, it agreed to pay Vermont and New York $700,000. According to the inquiry, thieves put denial-of-service malware on Hilton's payment systems, which would have exposed cardholders' personal information. The business is held accountable for the customers' delayed notice and is charged with having a payment method with inadequate security. Hilton will improve the security of its payment systems and internal incident response protocols as part of the settlement. | |||||||
DoubleTree by Hilton Company Subsidiaries
DoubleTree by Hilton hotels are distinctively designed properties that provide true comfort to todayโs business and leisure travelers. From the millions of delighted hotel guests who are welcomed with the brandโs legendary, warm chocolate chip cookies at check-in to the advantages of the award-winning Hilton HHonorsยฎ guest reward program, each DoubleTree by Hilton guest receives a satisfying stay wherever their travels take them. With a growing collection of contemporary, upscale accommodations in more than 375+ gateway cities, metropolitan areas and vacation destinations worldwide. DoubleTree by Hilton is part of Hilton Worldwide (NYSE: HLT), a leading global hospitality company spanning the lodging sector from luxury and full-service hotels and resorts to extended-stay suites and focused-service hotels. For 95 years, Hilton Worldwide has been dedicated to continuing its tradition of providing exceptional guest experiences. The companyโs portfolio of eleven world-class global brands is comprised of more than 4,100 managed, franchised, owned and leased hotels and timeshare properties, with more than 685,000 rooms in 92 countries and territories, including Hilton Hotels & Resorts, Waldorf Astoria Hotels & Resorts, Conrad Hotels & Resorts, Curio โ A Collection by Hilton, DoubleTree by Hilton, Embassy Suites Hotels, Hilton Garden Inn, Hampton Hotels, Homewood Suites by Hilton, Home2 Suites by Hilton and Hilton Grand Vacations. The company also manages an award-winning customer loyalty program, Hilton Honors.
Access Data Using Our API
Get company history
Rapid.png)
DH Cyber Security News
Hilton SWOT Analysis (2025)
Hilton is a strong player in the global hospitality industry, leveraging its extensive brand portfolio, loyalty programs, and commitment toย ...
Credit Union Conferences in 2025: An Evolving List
Credit unions, credit union trade associations, CUSOs, leagues and third-party service providers are busy putting together a plethora ofย ...
Hilton Worldwide Holdings Inc.
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer,ย ...
Travel safety and security in India
In a rapidly digitizing economy, cybersecurity remains a growing concern for Indian businesses, including hotels. With increasing reliance onย ...
Malaysia aims 100 cybersecurity experts accredited C-CISO this year
KUALA LUMPUR, June 3 โ The Digital Ministry is targeting at least 100 cybersecurity experts to be accredited as Certified Chief Informationย ...
DoubleTree by Hilton Naha Shuri Castle Debuts in Okinawa
Hilton Worldwide (NYSE: HLT) and DoubleTree by Hilton announced the opening of DoubleTree by Hilton Naha Shuri Castle today.
City governor launches $160m first phase of Madinah Gate project
https://arab.news/9uxsa. Development will comprise apartments, hotel, retail units, bus station. MADINAH: Madinah governor Prince Salman binย ...
News - Gary Wang receives Cybersecurity Award for Exemplary Service
SAN DIEGO - Gary Wang, Space and Naval Warfare Systems Command director of Corporate Operations and chief information officer, was awarded aย ...
Cybersecurity: San Antonioโs Not-So-Secret Opportunity
Cybersecurity could become the next big thing in San Antonio, a generator of thousands of new, high-paying jobs, and the biggest wave of entrepreneurialย ...
DH Similar Companies
Marriott Vacations Worldwide
Marriott Vacations Worldwideย encompasses a diverseย portfolio of businessesย โ and a distinctiveย family of brands. Innovation. Integrity. Excellence. This is our story. And while the company spans brands and businesses, decades and continents, our shared inspiration continues to drive us forward: de
Two Roads Hospitality
Founded in 2016, Two Roads Hotels is an international lifestyle hotel company that manages and operates the Alila Hotels & Resorts, Destination Hotels, Joie de Vivre Hotels, Thompson Hotels, and tommie Hotels brands. At Two Roads, we create extraordinary experiences for those unafraid to break f
China National Travel Service (HK) Group Corporation
The China Travel Service (Holdings) Limited is the backbone of the state-owned enterprise directly supervise by Central government. It is also the largest travel corporation in China and was established in April 1928 by Chinese banker Chen Guangfu. From generation to generation, it is now a large st
Resorts World Sentosa
ABOUT RESORTS WORLD SENTOSA Resorts World Sentosa (RWS), Asiaโรรดs premium lifestyle destination resort, is located on Singaporeโรรดs resort island of Sentosa. Spanning 49 hectares, RWS is home to world-class attractions including Universal Studios Singapore, S.E.A. Aquarium, Dolphin Island and Adven
USA Parking System
SP+ Hospitality is the industry's largest, leading parking company in the world. Our specialty is the management of the parking and arrival experience of high end, service-oriented resorts and hotels. Our commitment to training, guest service, and promotion from within are just a few of the many rea
Stonegate Group
Weโรรดre the UK's biggest pub company, but thatโรรดs not all we are. Weโรรดre an incredible team bringing people together through our 4,500+ sites nationwide. Formed in 2010 with 333 pubs, Stonegate Group has grown bigger and better than ever, and today weโรรดre home to well-loved sites such as Slug &
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DH CyberSecurity History Information
How many cyber incidents has DH faced?
Total Incidents: According to Rankiteo, DH has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at DH?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach.
What was the total financial impact of these incidents on DH?
Total Financial Loss: The total financial loss from these incidents is estimated to be $700 thousand.
How does DH detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through remediation measures with improve the security of payment systems, enhance internal incident response protocols and containment measures with Malware removed from point-of-sale systems and communication strategy with Apologized to customers.
Incident Details
Can you provide details on each incident?
Incident : data breach
Title: Hilton Hotel Chain Data Breach and Malware Attack
Description: The Hilton hotel chain was accused of improperly handling two distinct cyberattacks that resulted in the exposure of its customers' financial information, and as a result, it agreed to pay Vermont and New York $700,000.
Type: data breach
Attack Vector: denial-of-service malware
Vulnerability Exploited: inadequate security of payment systems
Threat Actor: thieves
Incident : Data Breach
Title: Hilton Worldwide Credit Card Data Breach
Description: Credit card information was stolen by cybercriminals from a few of Hilton Worldwide Holdings' point-of-sale systems due to malware.
Type: Data Breach
Attack Vector: Malware
Vulnerability Exploited: Point-of-Sale Systems
Threat Actor: Cybercriminals
Motivation: Financial Gain
Incident : Data Breach
Title: Hilton Hotel Credit Card Data Breach
Description: The credit card details of numerous customers were leaked after common point-of-sale registers in gift shops and restaurants at a large number of Hilton Hotels were compromised.
Type: Data Breach
Attack Vector: Point-of-Sale System
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Point-of-Sale Systems and Point-of-Sale Registers.
Impact of the Incidents
What was the impact of each incident?
Incident : data breach HIL2335171223
Financial Loss: $700,000 in fines
Data Compromised: customers' financial information
Systems Affected: payment systems
Legal Liabilities: charged with delayed notice and inadequate security
Payment Information Risk: high
Incident : Data Breach HIL1733261023
Data Compromised: Credit card numbers, Expiration dates, Security codes, Names of credit card holders
Systems Affected: Point-of-Sale Systems
Payment Information Risk: True
Incident : Data Breach HIL15823422
Data Compromised: Credit Card Details
Systems Affected: Point-of-Sale Registers
Legal Liabilities: Fined $700K
Payment Information Risk: High
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $233.33 thousand.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are financial information, Credit card numbers, Expiration dates, Security codes, Names of credit card holders and Credit Card Details.
Which entities were affected by each incident?
Response to the Incidents
What measures were taken in response to each incident?
Incident : data breach HIL2335171223
Remediation Measures: improve the security of payment systems, enhance internal incident response protocols
Incident : Data Breach HIL1733261023
Containment Measures: Malware removed from point-of-sale systems
Incident : Data Breach HIL15823422
Communication Strategy: Apologized to customers
Data Breach Information
What type of data was compromised in each breach?
Incident : data breach HIL2335171223
Type of Data Compromised: financial information
Sensitivity of Data: high
Incident : Data Breach HIL1733261023
Type of Data Compromised: Credit card numbers, Expiration dates, Security codes, Names of credit card holders
Sensitivity of Data: High
Data Exfiltration: True
Incident : Data Breach HIL15823422
Type of Data Compromised: Credit Card Details
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: improve the security of payment systems, enhance internal incident response protocols.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through was Malware removed from point-of-sale systems.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident?
Incident : data breach HIL2335171223
Fines Imposed: $700,000
Incident : Data Breach HIL15823422
Fines Imposed: $700K
Investigation Status
What is the current status of the investigation for each incident?
Incident : Data Breach HIL15823422
Investigation Status: Investigated by data security team
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Apologized to customers.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach HIL1733261023
Entry Point: Point-of-Sale Systems
Incident : Data Breach HIL15823422
Entry Point: Point-of-Sale Registers
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : data breach HIL2335171223
Root Causes: inadequate security of payment systems, delayed notice to customers
Corrective Actions: improve the security of payment systems, enhance internal incident response protocols
Incident : Data Breach HIL1733261023
Root Causes: Malware compromised PoS systems
Corrective Actions: Malware removed from point-of-sale systems
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: improve the security of payment systems, enhance internal incident response protocols, Malware removed from point-of-sale systems.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an thieves and Cybercriminals.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was $700,000 in fines.
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were customers' financial information, Credit card numbers, Expiration dates, Security codes, Names of credit card holders and Credit Card Details.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was payment systems and Point-of-Sale Systems and Point-of-Sale Registers.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Malware removed from point-of-sale systems.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were customers' financial information, Credit card numbers, Expiration dates, Security codes, Names of credit card holders and Credit Card Details.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $700,000, $700K.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigated by data security team.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Point-of-Sale Systems and Point-of-Sale Registers.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was inadequate security of payment systems, delayed notice to customers, Malware compromised PoS systems.
What was the most significant corrective action taken based on post-incident analysis?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was improve the security of payment systems, enhance internal incident response protocols, Malware removed from point-of-sale systems.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
