PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Hyatt Breach Affected 250 Hotels Worldwide

By Sarah Grotta
January 19, 2016
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

The announcement that Hyatt was the latest in the continuing string of significant payment data breaches. Similar to other events like this, the data was stolen over a period of several months:

The investigation found that the attackers used malware to collected cardholder names, card numbers, expiration dates and verification codes from systems at a total of 250 hotels worldwide — a list of affected hotels can be viewed here.

The investigation identified signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations, primarily at restaurants, between August 13, 2015 and December 8, 2015,” Chuck Floyd, Hyatt global president of operations, said in a statement.

What is different about hotel operations is that many transactions are executed using card on file data that, in this case, was clearly compromised. Also, what complicates the process here is that many full service hotels are really operating several businesses including small shops, spas, plus bars and restaurants. Bars and restaurants have been particularly slow to adopt to EMV readers and other forms of data protection since on a standalone basis, they provide less financial benefit. Restaurants and bars don’t see a lot of compromised card fraud. In this scenario, the business case is different and at least for Hyatt, had far reaching implications, requiring a re-examination of the business model.

In this article regarding the Hyatt event, Mark Bower, global director of product management for enterprise data security at HPE Security – Data Security, provided background on the consideration of combining both EMV and encryption:

“Many organizations have improved POS security with new card reading systems that encrypt the data before it arrives at the POS. “Given the need to update the POS to handle EMV chip cards, the addition of encryption to protect the sensitive data from all forms of payment card is a no-brainer,” he said. “If the POS is compromised with this approach, the attackers get nothing. This data-centric approach is realistically the only way to avoid POS malware impact. Traditional approaches of monitoring and anti-virus will only be effective until the next undetectable malware arrives.”

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    commercial card, Allpay ClearBank Prepaid Payments, wealth transfer

    How Banks Can Capture the Wealth Transfer from Boomers to Gen Z

    June 20, 2025
    embedded lending

    Embedded Lending as a Growth Strategy for ISVs—How to Maximize Revenue Potential

    June 18, 2025
    merchant ai

    Merchants Find More Use Cases for AI Amid Risks

    June 17, 2025
    prepaid payroll

    Taking the Check Out of Paycheck: The Role of Prepaid in Payroll

    June 16, 2025
    Banking-as-a-service BaaS

    Remodeling Main Street: How Community Banks Can Leverage the Banking-as-a-Service Paradigm

    June 12, 2025
    How Employee Performance Enhances the Customer Experience

    Three Strategies to Maximize Loyalty in the AI-Driven World 

    June 11, 2025
    PFM tools

    How FIs Are Cutting Through Subscription Clutter with PFM Tools

    June 10, 2025
    child identity theft

    Stranger Danger: Protecting Your Children from Identity Theft

    June 9, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result