Hackers have infected Hyatt Hotels’ payment card systems with malware and have potentially stolen visitor names and credit card details for the second time in as many years.
In a statement Hyatt Hotels Corporation president of operations Chuck Floyd said the company has “discovered signs of and then resolved unauthorized access to payment card information” from cards entered manually or swiped at the front desk of some Hyatt hotels between March 18, 2017 and July 2, 2017.
In total, 41 hotels are affected, almost half of which are in China. Irregular activity has also been detected in Hyatt hotels in Brazil, Columbia, Guam, India, Indonsesia, Japan, Mexico, Puerto Rico, South Korea and Hawaii in United States.
Upon discovering the unauthorized access, Hyatt launched an investigation alongside “third-party experts”, payment card networks and the authorities. The investigation found that the data breach can be traced back to “an insertion of malicious software code from a third party onto certain hotel IT systems.”
The company hasn’t provided figures on the number of guests who have fallen victim to the credit card data thieves, only that it’s a “small” number of them, but Hyatt says it has contacted all the guests who used the payment card systems at the infected hotels during the at-risk dates.
A Hyatt spokesperson told ZDNet its cyber security team discovered signs of suspicious activity in July, with customers being notified yesterday (12th October) following the conclusion of the investigation.
Hotel guests are advised to closely review their credit card statements regularly and report any unauthorized activity to their bank as soon as anything is noticed.
“This incident is something we take seriously, and we are…