Hyatt Confirms Data Breach at 250 Hotels
In December, Hyatt Hotels announced they had discovered credit card stealing malware on their payment processing computers. Yesterday, the hotel chain confirmed this malware was capable of stealing credit card names, numbers, expiration dates and verification codes.
The attack took place against the hotel’s payment processing system between August 13 and December 8, though some hotels may have been breached as early as July 30.
A list of the 250 hotels affected can be found on the company’s website. The hotels are located in 54 different countries with a majority located in China and the United States.
In his statement, Chuck Floyd, the Global President of Operations at Hyatt, said the company was mailing and emailing letters to customers who were identified as one of the “at-risk transactions.” He urges all Hyatt visitors, though, to monitor their payment card accounts for unauthorized charges.
Hyatt is also providing one year of CSID Protector services at no charge to affected customers. Customers in the United States may visit this page to sign-up, while those outside of the U.S. need to go here to enroll.
Floyd stated the company “worked quickly with leading third-party cyber security experts to resolve the issue and strengthen the security of our systems in order to help prevent this from happening in the future. We also notified law enforcement and the payment card networks. Please be assured that you can confidently use payment cards at Hyatt hotels worldwide.”