Hyatt Hotels’ Payment Data Breached


Hyatt Hotels’ customers received a not-so-happy holiday gift last week when the hotel group announced its payment system was recently impacted by malware activity.

“We recently identified malware on computers that operate the payment processing systems for Hyatt-managed locations,” a statement from Hyatt Hotels Global President of Operations Chuck Floyd explained.

“As soon as we discovered the activity, we launched an investigation and engaged leading third-party cybersecurity experts,” Floyd continued.

According to a press release from the company containing a similar message, an investigation into the payment system breach is ongoing, and customers should continue to keep a close watch on their payment card account statements for any unauthorized charges.

Stephanie Sheppard, a spokeswoman for Hyatt Hotels, told Reuters the credit card-stealing malware attack was discovered on Nov. 30 but was unable to confirm how many of the hotel chain’s locations were impacted, how long its network was left vulnerable and if any payment card data was actually stolen.

The data breach at Hyatt Hotels is just the latest in a string of recent cyberattacks on businesses within the hospitality industry.

Just last month, the world’s largest hotel company, Starwood Hotels & Resorts, announced some of its hotel locations were hit by a malware attack. The payment systems of 54 Starwood hotels in North America were infected with a malware designed to compromise payment card data, Reuters reported at the time. The breach enabled unauthorized parties to gain access to sensitive information, such as payment card number, cardholder name, security code and expiration date.

Trump Hotels, Hilton Hotels, Mandarin Oriental Hotel Group and hotel management group White Lodging Services have all reported and investigated breaches to their payment and/or point-of-sale systems this year.