HEI Hotels & Resorts (HEI), which include Hyatt, Sheraton, Marriott and Westin Hotels have notified individuals who purchased food and beverages at 20 locations in 10 states and the District of Columbia that their credit card information may have been compromised due to a malware intrusion.

The intrusion occurred between early 2015 and June 2016,