Hyatt gives more malware attack details
Hyatt Hotels Corp said a previously reported malware attack to steal payment card data occurred between August 13 and December 8, primarily at its restaurants.
The company listed affected locations worldwide and the period when they were at risk, on its website. (http://bit.ly/1mhTUu8)
?We do not know the number of customers affected at this time,? said company spokeswoman Stephanie Sheppard.
The company said it had identified unauthorised access to data on cards used at certain Hyatt-managed locations, primarily its restaurants. The company also said the ?at-risk window for a limited number of locations began on or shortly after July 30.
The malware was designed to collect data such as cardholder name, card number, expiration date and internal verification code, the company said.
Hyatt said it has notified the appropriate country and state regulators and is working with the US Federal Bureau of Investigation.
It has also arranged an identity protection and fraud detection firm to provide one year of free services to affected customers.
The company disclosed in December that its payment processing system was infected with malware but did not mention how long its network was infected.