Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us

News

Home  >  News  >  Cardholder Data Stolen in Latest Hyatt Hotels Security Breach
NextPrevious
Hyatt Hotels - security breach

Cardholder Data Stolen in Latest Hyatt Hotels Security Breach

News | 14 October, 2017 | 1

The global hotel chain Hyatt Hotels informed their customers this week that their credit card details may have been stolen as a direct result of a recent security breach.

Chuck Floyd (Global President of Operations for Hyatt Hotels) revealed in a statement that the security breach took place between March 18, 2017 and July 2, 2017 and affected 41 individual locations that are managed by the Hyatt Hotels group in 11 countries.

Chuck wrote, “Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, including engaging leading third-party experts, payment card networks and authorities. Based on our investigation, we understand that such unauthorized access to card data was caused by an insertion of malicious software code from a third party onto certain hotel IT systems. Our enhanced cybersecurity measures and additional layers of defense implemented over time helped to identify and resolve the issue.”

It is understood that the security breach allowed the attackers access to cardholder names, card numbers, expiration dates and internal verification codes used by the hotel group. While Hyatt maintain that no information was obtained that allow customers to be identified (other than their cardholder information), Hyatt customers who have been affected by the recent security breach, will most certainly face an increased risk of falling victim to credit card fraud.

This isn’t the first time that Hyatt Hotels have suffered a security breach that affected their customers cardholder data. In 2015, a security breach occurred when malware that was capable of stealing cardholder data was discovered on payment systems that were in use in Hyatt hotels and restaurants, affecting a staggering 250 hotels in around 50 countries.

References

https://www.hyatt.com/notice/protectingourcustomers/

https://krebsonsecurity.com/2016/01/hyatt-card-breach-hit-250-hotels-in-50-nations/

Subscribe to our monthly cybersecurity newsletter
Stay up-to-date with the very latest cybersecurity news & technical articles delivered straight to your inbox
We hate spam as much as you do. We will never give your email address out to any third-party.

cyber crime, cyber security, cyber security news, Data Protection

Related Post

  • Laptop data breach in Norway

    Huge attack on Norway’s health care systems may have exposed half the population

    By Ian Reynolds

    A massive security breach in Norway’s Health South-East Regional Health Authority may have exposed the personal health records of 2.9 million people. Covering ten counties, Health South-East RHA is responsible for the health care ofRead more

  • The Top 10 vulnerabilities being exploited today

    By Mark Faithfull

    The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, itRead more

  • NatWest offers free security software to customers

    By Mark Faithfull

    NatWest Bank has partnered with Malwarebytes to provide endpoint protection software to NatWest customers.  Malwarebytes Premium edition will be available to download for free from within NatWest customer’s online banking portal.  NatWest is the onlyRead more

  • Travelex offline due to cyber-attack

    By Mark Faithfull

    In a statement posted on Twitter, Foreign Exchange specialist Travelex confirms that its systems had been subject to a cyberattack on New Years Eve and that many systems and services had been taken offline asRead more

  • Fileless Mac malware targets crypto exchanges

    By Mark Faithfull

    The North Korean Lazarus hacker group is targeting crypto-exchanges with innovative fileless Mac malware. Security researcher Patrick Wardle describes this new fileless Mac malware strain in a recent blog post. The malware infects the machineRead more

NextPrevious

Recent Posts

  • CISA Warns of Pass-the-Cookie attack
  • Microsoft Patches Critical Bugs
  • Flash is dead – now delete it from your system
  • 100000 Zyxel firewalls have hardcoded backdoor exposed
  • When Good Employees Go Bad

Tags

Android blockchain Bluetooth Chrome Cisco credential stuffing cyber crime cyber essentials cyber security cyber security news Data Protection DNS Ethereum Exchange Server exim fileless formjacking GDPR Intel IoT Linux MacOS Meltdown microsoft ncsc patching penetration testing phishing ransomware RDP Row Hammer security breach Security operations security testing SIEM Spectre supply chain attacks Sysinternals Tomcat TPM VNC vulnerability management web applications web browsers wireless

Archives

  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS ISO 9001 ISO 27001
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us
SecureTeam
SecureTeam use cookies on this website to ensure that we give you the best experience possible. If you continue to use our site we will assume that you are happy with cookies being used.OkRead more