Hotel giant Hyatt Hotels is notifying its customers for the second time in two years of yet another payment card data breach.
Security officials spotted unauthorized access to payment card information from cards entered manually or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017.
The information said to be compromised includes cardholder names, card numbers, expiration dates, and internal verification codes. The number of impacted customers is still being investigated at this time. But we do know that the breach affects 41 Hyatt facilities across 11 countries.
Even worse? Hyatt was breached back in 2015 and impacted 250 Hyatt locations in over 50 countries after payment card processing systems were infected with malware. One thing that seems evident is that hotels using certain POS systems are being targeted by hackers, and have proven to be rather successful. Hotels acquire mass amounts of credit card data from customers between dining at a hotel restaurant, utilizing the hotel spa services, parking, and at the front desk.
While the PCI DSS Compliance Standard requires an organization to implement solutions like system hardening and File Integrity Monitoring, few retailers operate these requirements sufficiently well. It’s important that companies within the hospitality industry understand that implementing security solutions like File Integrity Monitoring and System Hardening are essential to securing your IT estate and valuable consumer payment credentials.
Read the full article on InfoSecurity Magazine