Hyatt Hotels announced that they had been hit with their second payment card breach in as many years. According the a message from Hyatt’s Global President of Operations, this breach involved “unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations” this spring and summer. Hyatt’s informational webpage on the breach included a list of 41 locations spread across 13 countries affected by the breach, including three locations in Hawaii. The Grand Hyatt Kauai Resort and Spa in Koloa, The Hyatt Regency Maui Resort and Spa in Lahaina, and The Andaz Maui at Wailea Resort in Wailea were all affected from 18 March to 2 July 2017.
The statement continues, “Based on our investigation, we understand that such unauthorized access to card data was caused by an insertion of malicious software code from a third party onto certain hotel IT systems,” and that the data accessed was “cardholder name, card number, expiration date and internal verification code.”
Dark Reading, Hyatt Hit With Another Credit Card Breach
Hyatt, Protecting Our Customers, HOTEL LIST
Threatpost, Hyatt Hit By Credit Card Breach, Again