Consumers who used their credit cards at a variety of Hilton Hotels-owned properties between November of last year and now may have noticed some strange activity on their credit cards. Thanks to point-of-sale hacking at some of the properties, an unknown number of guests have had their credit card information stolen, according to a statement from the property chain.

Following reports of strange activity on consumers’ credit cards, investigators began to uncover fraudulent transactions at restaurants, gift shops, and other stores located inside Hilton locations. While the charges are believed to have begun in November of last year, investigators have reason to suspect it may still be happening.

It’s important that consumers know the online reservations and guest services registers do not seem to have been affected by this broad-scale identity theft. When point-of-sale fraud takes place, the culprit is often POS machine tampering or a software bug that has infected the POS network.

In the Target data breach, it was malicious software that stole customers’ information through the POS machines. The software was sent throughout the network after an HVAC contractor’s computers were infected. When an employee with the third-party contractor accidentally downloaded a virus from a phishing email, the hackers were able to root around in their smaller network system and look for bigger fish to fry. When they came across access to Target’s network, they were able to then install the malicious software on Target’s POS credit card network and steal consumers’ information.

A more basic version of POS fraud is through physical tampering with the credit card machine. It’s been known to happen in stores, but it’s a little harder to pull off if store employees see the culprit and report it. That’s why gas station pumps are a popular target for this kind of crime. With the vehicle parked in front of the pump, it’s a little easier to install the microfilm that steals the customers’ information when they pay at the pump.

For this reason, it’s too easy to assume that the Hilton breach is an “inside job,” but there has been no proof of that yet and the hotel chain is not releasing the locations that are known to be affected. What is known is that the locations can include any of Hilton’s other properties, including Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts.