Skip to main content

Yet Another Credit Card Breach For Hyatt

By November 8, 2017June 21st, 2022Cybersecurity

Hotel giant Hyatt is in the crosshairs again, having suffered its second data breach in two years. Hyatt’s security team recently confirmed the breach as having occurred between March 18 and July 2 of 2017.

While the company has yet to release any information detailing the number of impacted users, simply stating that it was a “small percentage of guests,” we do know that the following information was stolen:

• Credit card numbers
• Cardholder names
• Expiration dates
• And internal verification codes

Of note, no other personal information was obtained, so your name, address, birthdate, etc. remain safe.

It’s also known that the breach impacted 41 of Hyatt’s facilities, spread over 11 countries, including the United States, Brazil, China, Colombia, Guam, India, Indonesia, Japan, Malaysia, Mexico, Puerto Rico, Saudi Arabia and South Korea.

Per Chuck Floyd, Hyatt’s President of Operations:

“Based on our investigation, we understand that such unauthorized access to card data was caused by the insertion of malicious software code from a third party onto certain hotel IT systems. Our enhanced cybersecurity measures and additional layers of defense implemented over time helped to identify and resolve the issue.

We worked quickly with leading third-party cybersecurity experts to resolve the issue and strengthen the security of our systems in order to help prevent this from happening in the future.

As a result of implemented measures designed to prevent this from happening in the future, guests can feel confident using payment cards at Hyatt hotels worldwide.”

Interestingly, this statement is eerily similar to the one he was forced to issue last year after the first of the two data breaches.

While it’s understandable to try and put things in the best possible light after an attack like this, the words begin to ring hollow if the attacks keep happening, and it may be more difficult for Hyatt to regain consumer trust after this second incident.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.