Malware again checks into Hyatt's hotels, again checks out months later with victims' credit cards

Hyatt grievance, see?


Hyatt has provided the perfect excuse for folks trying to explain to bosses or spouses why a film they watched in their hotel room for just seven minutes appeared on their company or personal credit card.

Its computer systems were earlier this year hacked by miscreants, who infected payment terminals with malware that siphoned off people's credit card numbers to the scumbags. These details could be used to clone cards and go on spending sprees online, and basically rack up bills on someone else's dime.

In a statement today, the chain admitted that between March 18 and July 2, 41 of its hotels in about a dozen countries were infiltrated by the software nasty. There's a list here. The majority of the infected locations are in China and elsewhere in Asia, although three Hyatt hotels in Hawaii were also hit.

The chain said it can't tell exactly whose card data was slurped. Hyatt staff have advised those who have stayed in the affected hotels to check their credit card statements carefully.

"We understand that such unauthorized access to card data was caused by an insertion of malicious software code from a third party onto certain hotel IT systems," Chuck Floyd, global president of operations, said in a statement.

Hotel scene - suitcase propped up against freshly made bed. Image by Shutterstock

Secret shaggers, rejoice! Now you can blame that Hyatt credit card bill on hackers

READ MORE

"I want to assure you that there is no indication that information beyond that gained from payment cards – cardholder name, card number, expiration date and internal verification code – was involved, and as a result of implemented measures designed to prevent this from happening in the future, guests can feel confident using payment cards at Hyatt hotels worldwide."

So that's it, nothing to worry about. The hackers only got just enough information to copy your credit cards, with verification numbers, and go wild online to potentially knacker your credit ratings. And Hyatt has implemented measures to stop it happening again.

Which is odd, because that's pretty much what it said in December 2015 when the same thing happened – even reusing the website hyatt.com/notice/protectingourcustomers from that security breach for this latest cockup. Back then, Chuck offered similar platitudes to affected customers.

"Protecting customer information is critically important to Hyatt, and we take the security of customer data very seriously," he said. Based on today's news it's back to the drawing board. ®

Similar topics

Broader topics


Other stories you might like

  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • Hackers weigh in on programming languages of choice
    Small, self-described sample, sure. But results show shifts over time

    Never mind what enterprise programmers are trained to do, a self-defined set of hackers has its own programming language zeitgeist, one that apparently changes with the wind, at least according to the relatively small set surveyed.

    Members of Europe's Chaos Computer Club, which calls itself "Europe's largest association of hackers" were part of a pool for German researchers to poll. The goal of the study was to discover what tools and languages hackers prefer, a mission that sparked some unexpected results.

    The researchers were interested in understanding what languages self-described hackers use, and also asked about OS and IDE choice, whether or not an individual considered their choice important for hacking and how much experience they had as a programmer and hacker.

    Continue reading
  • Stolen-data market RaidForums taken down in domain seizure
    Suspected admin who went by 'Omnipotent' awaits UK decision on extradition to US

    After at least six years of peddling pilfered personal information, the infamous stolen-data market RaidForums has been shut down following the arrest of suspected founder and admin Diogo Santos Coelho in the UK earlier this year.

    Coelho, 21, who allegedly used the mistaken moniker "Omnipotent" among others, according to the US indictment unsealed on Monday in the Eastern District of Virginia, is currently awaiting the outcome of UK legal proceedings to extradite him to the United States.

    The six-count US indictment [PDF] charges Coelho with conspiracy, access device fraud, and aggravated identity theft following from his alleged activities as the chief administrator of RaidForums, an online market for compromised or stolen databases containing personal and financial information.

    Continue reading

Biting the hand that feeds IT © 1998–2022