Hyatt Hotels suffered a credit card breach at some of its locations, marking a second time that it has encountered such an issue in the past two years.
The most recent breach occurred between March 18 to July 2 and affected 41 Hyatt sites in 13 countries, according to a notice posted on Hyatt's website. Hyatt hotels in China took the brunt of the attack, affecting 18 hotel properties in that country, while three resorts in Hawaii were affected, as well as one in Guam and one in Puerto Rico.
"Based on our investigation, we understand that such unauthorized access to card data was caused by an insertion of malicious software code from a third party onto certain hotel IT systems," Hyatt stated on its site. "Our enhanced cybersecurity measures and additional layers of defense implemented over time helped to identify and resolve the issue. I want to assure you that there is no indication that information beyond that gained from payment cards – cardholder name, card number, expiration date and internal verification code – was involved."
The breach follows a similar breach in 2015, when 250 of Hyatt's hotels in 50 countries were affected, reports Krebs on Security.
Read more about the Hyatt breach here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.