Hyatt says payment processing systems at Vietnam properties hacked
Tuoi tre news
Updated : 01/17/2016 12:16 GMT + 7
Properties managed by Hyatt Hotels Corporation in Vietnam have fallen victim to a security breach in which payment card data, including internal verification codes, might have been leaked via malware.
The hospitality giant said in a press release on January 14 that it had completed an investigation into a previously announced payment card incident.
The probe identified signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations, primarily at restaurants, between August 13, 2015 and December 8, 2015, the press release said.
A small percentage of the at-risk cards were used at spas, golf shops, parking, and a limited number of front desks, or provided to a sales office during this time period.
The at-risk window for a limited number of locations began on or shortly after July 30, 2015.
A piece of malware was designed to collect such payment card data as cardholder names, card numbers, expiration dates, and internal verification codes from cards used onsite as the data was being routed through affected payment processing systems, Hyatt said in the release.
There is no indication that other customer information was affected, it added.
The Wall Street Journal cited Hyatt as saying that unauthorized access to payment card data was detected at 250 hotels in about 50 countries around the world.
Park Hyatt Saigon in Ho Chi Minh City and Hyatt Regency Danang Resort and Spa in Da Nang were among the hacked locations, according to what was found by Tuoi Tre News from a list of affected sites provided by Hyatt on its website.
Hyatt said it had worked quickly with leading third-party cyber security experts to resolve the issue and strengthen the security of its systems.
The company added it had also notified law enforcement and the payment card networks.
As previously communicated, customers can confidently use payment cards at Hyatt hotels worldwide, the global hospitality firm noted.
“Protecting customer information is critically important to Hyatt, and we take the security of customer data very seriously,” Chuck Floyd, global president of operations for Hyatt, was quoted as saying in the press release issued from Chicago.
“We have been working tirelessly to complete our investigation, and we now have more complete information that we want to share so that customers can take steps to protect themselves. Additionally, we want to assure customers that we took steps to strengthen the security of our systems in order to help prevent this from happening in the future.”
Hyatt encourages customers to review their payment card account statements closely and to report any unauthorized charges to their card issuer immediately.