Sunday 17 January 2016

Hyatt had 250 properties hacked. What can you do to protect yourself?

Hyatt Hotels Corp. announced Thursday that 250 of its properties have fallen prey to a complex hacking scheme and that customers’ credit card data may be at risk, the Wall Street Journal reports. The hack has affected Hyatt restaurants, spas, front desks and parking facilities — essentially any and all opportunities for ancillary credit card fees — in 50 countries around the world.
In a statement, Hyatt’s Global President of Operations Chuck Floyd said:
The investigation identified signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations, primarily at restaurants, between August 13, 2015 and December 8, 2015. …(but) the at-risk window for a limited number of locations began on or shortly after July 30, 2015.
The malware was designed to collect payment card data – cardholder name, card number, expiration date and internal verification code – from cards used onsite as the data was being routed through affected payment processing systems. There is no indication that other customer information was affected.
The Hyatt hack is just the latest in an ever-growing string of almost identical security breaches at some of the world’s largest hospitality brands. Hilton, Trump and Starwood hotels each suffered serious hacks in 2015. By now, the post-hack playbook is all but standard for these brands:
  1. Regrettably announce the security breach.
  2. Ask guests to check for fraudulent charges between a curiously vast period of time.
  3. Offer customers a free credit- monitoring subscription
  4. And finally, hope that the news passes by quickly.
The Wall Street Journal’s Robin Sidel notes that we are increasingly likely to see stories like these play out in the future, as the hotel industry is mired by a complicated web of authority, because individual properties are often owned and operated by separate authorities. And as such, the big brand whose name is lit up on top of a hotel may see mandating a specific type of cyber security as a potential liability. This creates a frustrating quagmire for guests wherein the linens and towels at Hyatt hotels across the nation are identical, even as the degree of safekeeping applied to customer credit card information fluctuates wildly.
So what can customers away from home do in this age of not if, but when, hackings? For starters, be discerning when it comes to connecting to free, public Wi-Fi networks. Connecting to a vulnerable wireless hotspot is an open invitation for hackers to access your personal and financial information.
But the number one thing that customers should be doing to protect themselves from hacking harm is closely monitoring their financial accounts, even long after a trip has ended. Financial overview apps like Mint can alert users to unusual transactions weeks after we’ve returned home and let our guard down. And while it may not have helped those who had their financial data stolen by the Hyatt hackers, it never hurts to update your passwords after a trip out of town.

No comments:

Post a Comment

ad2