Hyatt Hotels Confirm Security Breach in Payments System

December 29, 2015         By: Michael Cheng

Hyatt Hotels is the latest large-scale brand to fall victim to crippling security attacks.

The group recently released a statement, indicating that criminals used a malware to infiltrate and capture sensitive customer information from its payments system, which could include credit card data, cardholder names and verification codes.

“We recently identified malware on computers that operate the payment processing systems for Hyatt-managed locations. As soon as we discovered the activity, we launched an investigation and engaged leading third-party cyber security experts,” said Chuck Floyd, Global President of Operations at Hyatt Hotels Corporation, in a message.

Stephanie Sheppard, a spokeswoman for the company, mentioned that the malware was discovered on November 30. Ongoing investigations are primarily focused on POS terminals, payment processing networks and related infrastructure.

The third-party group that is helping Hyatt in the investigation is FireEye Inc. Also providing real-time support is the brand’s call center department.

“As always, we encourage customers to review their payment card account statements closely and to report any unauthorized charges to their card issuer immediately. Payment card rules generally provide that cardholders are not responsible for unauthorized charges that are timely reported,” clarified Floyd, as a precautionary measure.

The company is currently the fourth major hotel establishment in Q4 of 2015 to confirm a security breach. Prior to the incident, Hilton Worldwide Holdings Inc, Starwood Hotels & Resorts Worldwide Inc and Trump Hotel Collection warned the public about a possible data security attack.

In November, iSight Partners, a cyber intelligence and technology firm, issued a warning to merchants about a new malware called ModPOS. It is capable of penetrating most payment networks.

Many suspect that ModPOS is responsible for the data breach. The hotel group did not comment on the connection between the malware and the attacks.