Time to Check-Out…Hyatt Hotels Hacked


January 20, 2016 | DevOps | joanna mastrocola

There is nothing more relaxing than a few days away from home to sit back, relax, and unwind. If you decided to golf, hit the spa, or grab a bite to eat while enjoying some time off at a Hyatt Hotel, you might have taken more than just vacation selfies home with you. Just before Christmas, Hyatt announced a breach in their systems, though the details surrounding the hack were largely unclear. Now, weeks later, we are finally getting some answers… and it doesn’t look good.

According to Hyatt representatives, 250 hotels around the world were affected by the breach. Wondering if your holiday spot was hacked? Take a look at the comprehensive list.

The credit card information was largely taken between August 13, 2015 and December 8, 2015. A few accounts, however, were hacked right after July 30, 2015, so if you stayed at one of the breached hotels during that time, your information might have been exposed.

Malware designed to collect names, credit card numbers, expiration dates, and security codes was found in the hotels payment processing system. All of this information was leaked so it is important to take a look at your credit card reports for fraudulent charges. Even if you don’t see anything, it is a good idea to cancel the card and get a new one, as any hacker who has this info can easily make fraudulent online purchases on your credit card. Hyatt says that their restaurants were primarily targeted, but a few payment details from POS devices used at spas, golf courses, parking areas, and front desks were also exposed.

The exact number of customers affected has not been released, however, those whose information was taken will receive free credit monitoring for a year.

As most large retailers have made the switch to chip cards, it seems hackers are focusing on the easy targets. Since hotels process millions of transactions per day, it isn’t surprising that they are on most hackers’ radar. As these events become increasingly more common, let’s hope that this breach opens up deeper conversations among enterprises about data security, conversations that are ultimately aimed at changing security systems and protocols. In the meantime, we might be better off avoiding the fancy restaurants and golf courses and staying at a local B&B… or pitching a tent in our own backyard. 




Keep up-to-date on security best practices, events and webinars.

Share This