Hyatt Suffers Second Data Breach in Two Years

For the second time in two years, Hyatt has had a credit card data breach at its hotels.

Hyatt revealed last week it suffered a breach of its payment systems, exposing customer credit card data from 41 hotels in 11 countries worldwide.

It took Hyatt nearly three months to inform customers about the breach, which was discovered in July. The breach impacts customers who used credit cards at affected hotels from March 18 to July 2 of this year.

Based on Hyatt’s investigation into the breach, it appears that malicious software code from a third-party was inserted onto certain hotel information technology systems. A list of impacted hotels can be found here.

The country with the most number of properties affected was China, but there were also breaches in the U.S., South Korea, Saudi Arabia, and seven other nations.

In a statement, Chuck Floyd, global president of operations for Hyatt Hotels said, “I want to assure you that there is no indication that information beyond that gained from payment cards — cardholder name, card number, expiration date and internal verification code — was involved, and as a result of implemented measures designed to prevent this from happening in the future, guests can feel confident using payment cards at Hyatt hotels worldwide.”

Hyatt isn’t the only major hotel company to have suffered a data breach in recent months. Most recently, a data breach at third-party hotel-reservations provider Sabre impacted multiple hotels, including those from Four Seasons Hotels and Resorts, Trump Hotels, Kimpton Hotels & Restaurants, and Red Lion Hotels Corp.

InterContinental Hotels Group has announced two data breaches this year, and HEI Hotels & Resorts, which owns and operates Marriott, Starwood, Hyatt, and InterContinental properties, also suffered a credit card data breach that it revealed in August 2016.

Customers wanting more information regarding the Hyatt data breach can call various numbers for Hyatt in different regions.