Starwood Hotels & Resorts has implemented additional digital security systems after revealing that 54 of its North American properties had been infected by malware.
The company said the affected payment systems were in areas such as on-site restaurants and gift shops, but said the malware no longer posed a threat.
It also said that a third-party investigation had showed that the virus was designed to collect information such as cardholder name, payment card number, security code and expiration date, but no consumer information such as contact information or private ID numbers had been compromised.
The announcement on Friday said that the 54 properties had been affected for varying periods between November 2014 and October 2015.
Affected hotels included the Westin New York at Times Square, the Walt Disney World Dolphin in Orlando and W hotels in both Hollywood and New York.