Alleged breach reported by Brian Krebs.
The Hilton hotel group has said it is investigating claims its US shops and gift stores may be the source of a credit-card hack.
Security expert Brian Krebs blogged that a large number of compromised cards listed in an alert by Visa appeared to have been used at tills inside US Hilton properties beforehand.
The alert identified cards attacked between 21 April and 27 July 2015.
The breach was not linked to the guest reservation system.
Visa had not named Hilton in the confidential alert it had sent out to to various financial organisations but “sources at five different banks” had named the hotel group, wrote Mr Krebs.
“Sources say the the fraud seems to stem from compromised point-of-sale devices inside of franchised restaurants, coffee bars and gift shops within Hilton properties,” he said.
In a written statement, Hilton said it had invested heavily in data security.
“Unfortunately the possibility of fraudulent credit-card activity is all too common for every company in today’s marketplace,” it said.
“We take any potential issue very seriously, and we are looking into this matter.”