After alerting customers to a malware issue with its payment systems last year, hotel chain Hyatt has now revealed that more than half of its 627 properties left customers exposed to having credit card details stolen.
Hotels in the US, Canada and the UK are among the 318 owned by the group whose systems were infected with malware, opening up “unauthorized access” to the names, numbers and expiry dates of its customers’ credit cards.
This included seven of the chain’s sites in NYC, three in DC and two in London, with the full list available here.
The company says it was mainly restaurant transactions that were affected between July 30 and December 8 last year, but also included a number of spa, parking lot and front-desk payments too.
It is in the process of contacting cardholders whose names were exposed and has urged its customers to “remain vigilant and to review your payment card account statements closely.”
The company alerted police and card payment processors during its month-long investigation.