Security

Hyatt says hackers took card data from 250 of its hotels

'Protecting customer info is critically important,' says company that got pwned in 50 countries

Hotel staff

Hyatt Hotels says a total of 250 of its resorts were hit last year in a massive malware infection that stole customer payment card information.

The luxury resort chain said that locations in 50 countries were impacted by malware that collected payment card information from sales terminals at Hyatt restaurants, spas, golf shops, parking lots and check-in desks.

Hyatt first gave word of the attack just before Christmas and, having completed the investigation, has now posted the complete list of locations where the malware was found.

The infection, which harvested data between July 13 and December 8 of last year, collected customer credit card numbers, names, expiration dates and verification codes.

Hyatt says it has since cleared the infection and installed additional safeguards in hopes of preventing future attacks.

"Protecting customer information is critically important to Hyatt, and we take the security of customer data very seriously," Hyatt global president of operations Chuck Floyd said in announcing the 250 compromised locations.

"We have been working tirelessly to complete our investigation, and we now have more complete information that we want to share so that customers can take steps to protect themselves."

Hyatt is advising people who stayed at any of the 250 breached locations to keep a close eye on their bank statements and report any unauthorized charges. The hotel chain is also offering a free identity protection service to customers who stayed at the compromised hotels during the August-December infection period. ®

Sponsored: Customer Identity and Access Management