Credit Card breach attacked Hyatt Corporation again. It is the second time since December 2015, when Hyatt hotel guests were informed about a possible danger of credit card breach.
The hotelier reported about the unauthorized access to credit card information in 41 of Hyatt hotels in 13 countries worldwide.
The breach the hardest kitted Hyatt hotels located in China – in total 18 hotels. The impacted hotels also were located in the United States (3 hotels), Saudi Arabia, Japan, and India.
Hyatt announced that the breach affected customers who entered their credit card information manually or swiped at the front desk.
Chuck Floyd, a Global President of Operations for Hyatt Corporation reported on an open letter on its website:
Based on our investigation, we understand that such unauthorized access to card data was caused by an insertion of malicious software code from a third party onto certain hotel IT systems. I want to assure you that there is no indication that information beyond that gained from payment cards—cardholder name, card number, expiration date and internal verification code—was involved.
According to the president, the credit card breaches had an impact on only “a small percentage of payment cards used by guests who visited the group of affected Hyatt hotels during the time period.” C. Floyd also noted that implemented measures will prevent similar attacks.
It is the second credit card breach at Hyatt hotels. The first one took place on December 23, 2015. At that time the breach impacted on 250 hotels in at least 50 countries.
Hyatt Corporation published statement that indicated that “Hyatt has taken steps to strengthen the security of its systems, and customers can feel confident using payment cards at Hyatt hotels worldwide.”
However, the breach targeted Hyatt again and with it, the Corporation joined a range of hotels that were targeted by attackers who invade credit card data.
The list of corporations that reported compromised or breaches includes InterContinental Hotels Group, Travel services company Sabre Corporation and the Hard Rock Hotels and Casinos.
A security company Trustwave provided the information that cyber attacks in hospitality industry increase rapidly.
Cybercriminals behind these kinds of attacks, such as Carbanak cybercrime gang, moved their strategy from financial organizations to hospitality and restaurant industries. The attackers have been attempting to trick customer service representatives in order to get them accept and download malicious emails. The overall target is credit card information, the security firm reported.