Hyatt fully disclosed the hack and its details, saying that it involved "unauthorized access" to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18 and July 2.
They said at the time they: 'discovered malicious software created to steal credit card data on computers that operate the payment processing systems for Hyatt-managed locations'.
The hotel chain said the incident affected payment card information - cardholder name, card number, expiration date and internal verification code - from cards manually entered or swiped at the front desk of certain Hyatt-managed locations.
"Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities", the company said in a statement.
Did you stay at a Hyatt earlier this year? "Hyatt's layers of defense and other cybersecurity measures helped to identify and resolve the issue". We have directly contacted all guests for whom we have appropriate and reliable contact information that used payment cards at affected hotels during the at-risk dates.
The company says it is has implemented additional security measures to strengthen the security of its systems and that "Customers can confidently use payment cards at Hyatt hotels worldwide".
Amazon.com, Inc. (AMZN) Rating Reiterated by Atlantic Securities
The e-commerce giant reported $0.40 EPS for the quarter, missing the Thomson Reuters' consensus estimate of $1.40 by ($1.00). They now have a $1,350.00 target price on the e-commerce giant's stock, up from their previous target price of $1,100.00.
It was the latest significant hack to target the hotel chain since its last data breach in December 2015.
This is the second such breach suffered by Hyatt Corp.in as many years. Additional Hyatt hotels in Brazil, China, Columbia, Guam, India, Indonesia, Japan, Malaysa, Mexico, Saudi Arabia, and South Korea were also affected. That same year saw other major hoteliers impacted by payment card breaches and malware attacks, including Hilton, Starwood Hotels & Resorts, Trump Hotels and White Lodging Hotel Service Corp. In July, the California-based Wilshire Law Firm filed a proposed class-action lawsuit in a federal district court against Sabre Corp. for the eight-month-long data breach of its Synxis Central Reservation System.
Steve Moore, vice president and chief security strategist at Exabeam Inc.
"The email would contain a VBScript or macros that download malware, and continue with password stealing and enabling remote desktop".