Last month we brought you the news that Hyatt had discovered malware in its credit card processing systems. Obviously, that’s the last place you’d want to find malware in a hotel chain. While the company said that it was investigating the issues, we didn’t get much information pertaining to how long the malware was on the system, and how many locations were affected. Hyatt has come forward today to answer those questions.
Regarding the number of locations affected, Hyatt has said that 250 locations in 50 different countries have been affected. For the most part, the dates where card information could have been exposed ran from August 13 to December 8 of last year. If you stayed at a Hyatt hotel, you can use this tool to see if the location you visited was affected, along with a list of dates they believe that the malware was present.
The good news is that it appears that most of the cards were only accessed when used at hotel restaurants. A small number were accessed when using things like spas, golf shops, parking, and “a limited number of front desks.” So if you didn’t eat at the hotel when you stayed, you can breathe a little easier.
The company is contacting customers who were affected to let them know of their discoveries, along with the steps that they have taken to secure their systems in the future. They are also offering one years of CSID’s Protector service to all affected customers, free of charge. CSID’s Protector service helps users with fraud detection, which I’m sure all of the affected people would appreciate.