Hyatt Hotels Completes Investigation on Malware Attack

  • Hyatt Hotels Corporation
  • 01.15.16
Late Thursday afternoon, Hyatt Hotels Corporation announced that it has completed its investigation to the payment card incident that was reported in December.

Hyatt reported that the investigation found that payment card data at 250 hotels were affected by malware which collected payment card data including cardholder names, card numbers, expiration dates and internal verification codes. Though the at-risk window began on or shortly after July 30, 2015, the majority of signs of unauthorized access were found mainly at Hyatt-managed restaurants between August 13 and December 8, 2015. A small amount of unauthorized access was also found at spas, golf shops, parking and a limited number of front desks or provided to a sales office.

“Though it is common to see malware capture credit cards at the time of the swipe, in this instance, the malware collected card data while it was being routed through the affected payment processing systems, according to Hyatt’s statement,” said Brad Cyprus, chief of security and compliance at Netsurion, a provider of remotely-managed security services for multi-location businesses. “2016 is picking up right where we left off last year, with more evidence of the IT security threat the hospitality industry is facing. In the New Year, these businesses, from individually owned hotels to large, national chains, should resolve to strengthen security postures. For many, the best way to accomplish that goal is to partner with a managed data and network security provider."

For a full list of affected Hyatt locations and at-risk dates, please click here.

Related Articles
want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.