Hyatt Hotels says its card payment systems were breached. It discovered the attack three weeks ago. Hyatt says malware infected its payment processing system at hotels it directly manages, not at its franchised units.
If you have stayed with Hyatt, review your credit-card statement right away for any unusual activity. Most card companies won’t hold you liable for fraudulent charges—and even if they do, the maximum you could get dinged is only $50, by law.
Investigators from FireEye are looking into the attack. No word yet on how many of Hyatt’s 318 hotels involved were affected, how long they were infected or if attackers stole card numbers. A call center rep said the malware was programmed to access cardholder names, numbers, expiration dates, and internal verification codes.
Hyatt joins Hilton and Starwood on the list of major hotel chains to be hit by hackers since October.
Raymond James lodging analyst William Crow notes that consumers no longer panic the way they did with the Target Black Friday breach two years ago, saying, “Consumers are understanding some of the risks … The ultimate shock reaction has worn off a bit here.”
Hyatt says it has fixed the problem and that customers can feel confident using their cards at its hotels.