Hyatt Hotels Hit by Credit Card Breach

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Hyatt Hotels recently detected malware on the computer system that processes payments for its hotels, The Guardian reports.

It's not clear at this point whether any customer data was actually stolen, how long the malware was present on the system, or how many of the company's 627 properties in 52 countries may be affected.

Brands operated by the Hyatt Hotels Corporation include Hyatt, Park Hyatt, Andaz, Grand Hyatt, Hyatt Centric, Hyatt Regency, Hyatt Place, Hyatt House, Hyatt Zilara, Hyatt Ziva, Hyatt Residences and Hyatt Residence Club.

"As soon as we discovered the activity, we launched an investigation and engaged leading third-party cyber security experts," Hyatt global president of operations Chuck Floyd said in a statement.

"We have taken steps to strengthen the security of our systems, and customers can feel confident using payment cards at Hyatt hotels worldwide," Floyd added.

The Guardian notes, however, that while the malware was discovered on November 30, 2015, customers weren't notified of the breach until December 23, 2015.

All Hyatt customers are being encouraged to review their payment card accounts and to report any unauthorized charges to their card provider. Customers with questions are advised to contact Hyatt at (877) 218-3036.

Other hotel chains affected by credit card breaches this year have included the Trump Hotel Collection, Hilton Worldwide, Starwood Hotels & Resorts, and the Mandarin Oriental Hotel Group.

"Hotel chains are prime targets for hackers since they store and process a treasure trove of sensitive customer data," IDT911 chairman and founder Adam Levin told eSecurity Planet by email. "Consumers should immediately check their accounts for any suspicious activity and sign up with their bank, credit union, or credit card company for transactional monitoring so that they are notified any time there is activity in their credit or bank accounts."

Recent eSecurity Planet articles have offered advice on securing databases and examined the challenge of improving point-of-sale security.