Due to malicious attackers infecting Hyatt Hotels systems with malware, Hyatt Hotels has suffered a breach of customers’ payment card data for the second time since 2015.
Hyatt Hotels suffers international payment card data breach
The Chicago-based hotel chain has said that this latest payment card data breach lasted for around three months this year. Further, this breach has affected a total of 41 properties across 11 countries of the world.
What Hyatt Hotels breach notification stated?
According to a Hyatt Hotels data breach notification, the payment card data breach ran from March 18 to July 2, when they discovered the intrusion. This notification about data breach was issued by Chuck Floyd, global president of operations at the hotel chain.
What Hyatt’s breach FAQ stated?
According to Hyatt’s breach FAQ, “Hyatt’s cybersecurity team discovered signs off and then resolved unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, including engaging leading third-party experts, payment card networks, and authorities.”
Which all properties got infected?
The investigation that was launched soon after the discovery has discovered malware infections at 41 properties, which included 18 properties in China, making it the most affected country. In the United States and its territories, around 7 properties were breached, including 3 in Hawaii, 3 in Puerto Rico and 1 in Guam. Further, other affected countries included India, Brazil, Columbia, Indonesia, Japan, Saudi Arabia, Malaysia, Mexico, and South Korea.
What all data has been stolen:
Hyatt has said that it appears that only data from payment cards, which comprised the cardholder name, expiration date, card number, and internal verification code – was stolen. Further, they said, “There is no indication that any other information was involved.”
Hyatt has claimed that its information security investments have helped it in resolving the infection expeditiously. Floyd said, “Our enhanced cybersecurity measures and additional layers of defense implemented over time helped to identify and resolve the issue.”
Image Source: Image