Australian Hyatt hotels hacked, guest credit card details stolen

By Chris Chamberlin, January 15 2016
Australian Hyatt hotels hacked, guest credit card details stolen
Disclaimer

Executive Traveller may receive a commission when you apply for these credit cards via our links.

You should seek independent advice and consider your own personal circumstances before applying for any financial product.

Hyatt Hotels is the latest hotel chain to fall victim to hackers stealing sensitive credit card information from guests around the world, including flagship properties in Australia.

The Park Hyatt Sydney, Grand Hyatt and Park Hyatt in Melbourne, Hyatt Hotel Canberra and Hyatt Regency Perth were among the hotels targetted over a six month period from July to December 2015, along with Hyatt hotels in Hong Kong, China, Singapore, the USA and Europe.

According to Hyatt, cards compromised by 'malware' software include those used primarily at hotel restaurants but also at spas, golf shops, car parks and at “a limited number of front desks”, with hackers collecting card numbers, cardholder names, expiration dates and verification codes.

“Protecting customer information is critically important to Hyatt,” said Chuck Floyd, Global President of Operations at Hyatt Hotels Corporation.

“We have been working tirelessly to complete our previously announced investigation regarding malware that targeted payment card data used at Hyatt-managed locations. We now have more complete information we want to share so that you can take steps to protect yourself,” he added.

It's not known if this wave of attacks is related to similar security breaches at Hilton and Starwood hotels revealed late last year but stretching back to November 2014, which saw similar details stolen from customer cards used at restaurants, gift shops and other point-of-sale systems.

Hyatt credit card hack: affected hotels, dates

Guest who stayed at any Hyatt hotel between July 30 2015 and December 8 2015 and presented a credit card at any time during their visit are advised to check the Hyatt website for the complete list of compromised hotels and the specific dates affecting each property.

(Being a US company, the dates on Hyatt’s list are formatted as mm/dd/yyyy, not the dd/mm/yyyy system used in Australia.)

If one or more of your hotel stays corresponds with the dates provided on the website, pay close attention to your credit card statements and double-check them for any unauthorised transactions that may have occurred since your stay, or even in the future.

Should you spot any unfamiliar payments on your account, report these to your credit card issuer immediately and prepare for your card to be replaced – which also involves the hassle of updating any direct debits you may have for things like gym memberships and insurance.

Guests who stayed at Hilton and Starwood hotels in 2014 and 2015 may also have had their credit card details compromised through similar malware attacks.

Follow Australian Business Traveller on Twitter: we're @AusBT

Disclaimer

Executive Traveller may receive a commission when you apply for these credit cards via our links.

You should seek independent advice and consider your own personal circumstances before applying for any financial product.

Chris Chamberlin

Chris Chamberlin is the Associate Editor of Executive Traveller, and lives by the motto that a journey of a thousand miles begins not just with a single step, but also a strong latte, a theatre ticket, and later in the day, a good gin and tonic.

Qantas - Qantas Frequent Flyer

15 Jan 2016

Total posts 2

I suspect I've been affected by this. One week after staying at one of the mentioned properties a number of fraudulent expenses popped up on the credit card I used. Of course it is a real pain to notify (or even remember) the new card number to all the direct debits and websites with your credit card details.

VA

17 Dec 2013

Total posts 51

Why is anyone surprised ?

Any organisation that holds customer's credit card details or other personal data (i.e. dob, address, middle name etc) is vulnerable. The issue is not just someone having a crack at your Amex, but with a minimum of personal data people can play havoc with your life and identity.

I withdrew from most marketing/points schemes last year because of this threat.

I regularly use prepaid load and go cards to pay for hotels, tickets, and internet transactions. I get a new one every couple of months or so. They aren't fashionable and there's no points in it but the amount of damage someone can do with it if they get hold of the details is limited. As opposed to getting hold of my Mastercard or Amex.

All you QFFers with your card details held by Qantas on your profile... It's drama waiting to happen.

Singapore Airlines - The PPS Club

14 Nov 2013

Total posts 42

Why Hyatt has not contacted us is beyond belief, i always stay at a hyatt in Melbourne and Singapore. Poor customer service from them in my opinion.

Virgin Australia - Velocity Rewards

06 Nov 2012

Total posts 23

My business partner got a brand new business credit card issued and the one of the first things he put on it was hotels for staff who were travelling in the US two weeks later.

On the day they returned home his card was being used for fraud transactions, so he had the card for four weeks before it was used fraudulently.

We originally thought that somebody was being dodgy at hotels where he completed manual paper card authorisation forms but it seems that with this it could be either or.


Hi Guest, join in the discussion on Australian Hyatt hotels hacked, guest credit card details stolen

Notice (8): Undefined variable: infiniteScroll [APP/views/news/view.ctp, line 216]
Notice (8): Undefined variable: infiniteScroll [APP/views/news/view.ctp, line 222]
Warning (2): Invalid argument supplied for foreach() [APP/views/news/view.ctp, line 222]