Hyatt suffers second data breach in two years

The Hyatt Regency Maui Resort and Spa is among those affected by the latest breach.

Hyatt Hotels Corporation revealed last week it suffered a breach of its payment systems, exposing customer credit card data from 41 hotels in 11 countries worldwide. It took Hyatt nearly three months to inform customers about the breach, which was discovered in July. The breach impacts customers who used credit cards at affected hotels from March 18 to July 2.

Based on Hyatt’s investigation into the breach, it appears that malicious software code from a third party was inserted onto certain hotel information technology systems. A list of impacted hotels can be found here. In total, 41 hotels are affected, almost half of which are in China. Irregular activity has also been detected in Hyatt hotels in Brazil, Columbia, Guam, India, Indonesia, Japan, Mexico, Puerto Rico, South Korea, and Hawaii.

In a statement, Chuck Floyd, global president of operations for Hyatt Hotels said, “I want to assure you that there is no indication that information beyond that gained from payment cards—cardholder name, card number, expiration date and internal verification code—was involved, and as a result of implemented measures designed to prevent this from happening in the future, guests can feel confident using payment cards at Hyatt hotels worldwide.”

FREE HOTEL MANAGEMENT NEWSLETTER

Like this story? Subscribe to Technology!

Hospitality professionals turn to Technology as their go-to news source for the latest technology products and trends. Sign up today to get news and updates on security systems, in-room entertainment, and more delivered to your inbox and read on the go.

Back in 2016, Hyatt disclosed a breach of payment cards that affected 250 hotels in approximately 50 countries, making it one of the most wide-ranging incidents in a rash of hotel cyberattacks. Also that year Hilton, Mandarin Oriental, Trump Hotels and Starwood Hotels & Resorts Worldwide were affected by hacker attacks.

Hyatt isn’t the only major hotel company to have suffered a data breach in recent months. Most recently, a data breach at third-party hotel-reservations provider Sabre impacted multiple hotels, including those from Four Seasons Hotels and Resorts, Trump Hotels, Kimpton Hotels & Restaurants and RLH CorporationInterContinental Hotels Group also has announced two data breaches this year.

Suggested Articles

The revamped property will be developed in partnership with Mohari Hospitality.

Nationwide, the country's hotels reported RevPAR growth of 4.2 percent, but some cities are facing declines.

Scheduled to open in 2021, the Radisson Blu Hoi An will be on Hà My Beach, eight kilometers from Hoi An, the port town on Vietnam’s central coast.