Hyatt suffers another card breach

Hyatt Corp. has warned customers about a credit card breach at some of its hotels, the second such incident in as many years.

KrebsonSecurity reports that the company's cyber security team discovered signs of unauthorised access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between 18th March 2017 and 2nd July.

“Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities,” it said in a statement. “Hyatt’s layers of defence and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates.”

The incident affected the following information: cardholder name, card number, expiration date and internal verification code. There is no indication that any other information was involved, Hyatt says.

Over a four month period in 2015, hackers gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Only five affected in this most recent breach included US locations, including three resorts in Hawaii and one each in Guam and Puerto Rico. The nation with the largest number of Hyatt properties impacted was China (18).