Hyatt Hotels Corp revealed on Wednesday that its payment processing system contained traces of malware that is likely to have resulted in the breach of credit and debit card information.
Global hotel chain Hyatt is advising customers to check their statements after an announcement wherein the hotel chain revealed that it had “recently identified malware on computers that operate payment processing systems.”
Details are scarce, with a news release published by Hyatt’s website barely revealing meager information of the incident. The website did not confirm if customers were impacted. The date(s) of the breach weren’t revealed either.
Hyatt confirmed that it sought the services of leading cybersecurity experts as soon as it learned of the breach with an investigation that followed. The hotel chain instructed guests and customers to review their account statements.
An excerpt from the news release read:
As always, customers should review their payment card account statements closely and report any unauthorized charges to their card issuer immediately. Payment card rules generally provide that cardholders are not responsible for unauthorized charges that are timely reported.
In an email to the Guardian, Hyatt spokeswoman Stephanie Sheppard claimed the hotel chain discovered the malware on November 30. Despite revealing the date of discovery, she did not comment on why the company waited nearly a month to publicly reported the breach.
The Hyatt hotel chain is just one many that have been struck by a breach this year. Hacked has previously reported on the Mandarin Oriental being breached earlier this year. A number of hotels across the United States and Europe were impacted.
In September, the Hilton Hotels chain was targeted by a credit card breach where malicious hackers targeted point-of-sale registers used at the hotels’ restaurants and gift shops, typically locations which see a large volume of transactions.
Another hotel chain, the Trump Hotel Collection, also confirmed a credit card breach due to malware infecting its point-of-sale systems in September. The affected hotels include several properties in the United States and Canada.
Most recently in November, 54 Starwood hotels and properties were targeted in a year-long breach of the hotels’ payment systems. The attackers are said to have made away with card holder names, card numbers, security codes and expiration dates of the cards.
While it passes as speculation, It’s entirely likely that a gang of cybercriminals are systematically targeting hotel properties over the past year and they have been clearly successful at it.
As of September 30, 2015, Hyatt’s worldwide portfolio of hotels total 627 properties across 52 countries.
Hyatt adds that it has taken steps to reinforce its systems and networks with better security while claiming customers can “feel confident” using their credit and debit cards at Hyatt properties around the world.
Furthermore, the hotel chain has also assured customers timely updates of its investigation here.
Featured image from Shutterstock.