Another major hotel chain suffered a data breach. Last week, Hyatt Hotels notified customers through a post on their website that it discovered malicious software on its point of sale systems.
The company only said that it is currently conducting an investigation into the discovery, so details at this point in time are scarce. Hyatt Hotels is working with "leading third party cyber security experts" and have eliminated the malware from its systems.
"Hyatt has taken steps to strengthen the security of its systems, and customers can feel confident using payment cards at Hyatt hotels worldwide," the company stated in the release.
Hyatt is urging customers to review card statements and report any fraudulent charges immediately. The chain also informed customers that updates on the investigation will be posted to the "protecting our customers" portion of its website.
According to Krebs on Security, the company operates 627 properties in 52 countries as of Sept. 30. It is currently unclear how many of these properties were affected or for how long.
This year has not been a notable one for major hotel chain cyber security. Trump Hotels, Starwood Hotels, Hilton and others have been hacked in this same fashion: malware installed in point of sale systems. Interestingly, in these cases it was not the hotel systems themselves that were affected, but, rather, those of retail stores and restaurants located on the properties. Hyatt has yet to disclose what specific systems were impacted, saying only that malware was found in "payment processing systems for Hyatt-managed locations."
It will be interesting to see more details emerge about how this incident aligns with the previous hotel breaches.
Situations like this showcase the importance of having a robust disaster recovery plans. To find help develop a plan for your business, consider seeking the advise of a disaster recovery planning consultant.