by Joseph Young
American International hotels operator Hyatt Hotels Corporation has issued a warning to its users regarding the vulnerability of its customer payment system.
According to Hyatt’s global president of operations Chuck Floyd, the hotel group had found various malware on the payment processing computers, which has affected 318 properties in its portfolio of 627.
Since the beginning of 2015, leading hotel groups including the Hilton, Trump Collection and Mandarin Oriental have reported serious hacking incidents which successfully gained access to its payment information and sensitive user financial data.
According to financial and bitcoin experts, including Eric Voorhees, the CEO and founder of popular cryptocurrency exchange Shapeshift, an increasing number of corporations such as the Hyatt Group are being targeted by hacking attacks due to the independent and centralized servers they utilize to keep track of financial data.
Peer-to-peer and decentralized currencies like bitcoin do not require businesses or users to provide financial data. All transactions are settled on peer-to peer-networks, where payments are encrypted using complex cryptographic algorithms.
However, centralized payment networks like credit card and banking systems require personal information such as social security number, address, name, and financial data, in order to support their transactions. The storage of such sensitive information leaves payment networks and systems vulnerable to data breaches, even with the implementation of high standard security systems and protocols.
According to the Bureau of Justice Statistics, identity and financial data theft has caused over US$24 billion in losses in 2012, compared with only US$14 billion for all household burglary, vehicle and property theft combined.
Currently, the Hyatt Group is running several investigations and conducting research to enhance its security systems and measures. The company has not disclosed whether its sensitive customer financial data was accessed by the malware. However, the firm, in consultation with cyber experts, is examining the malware and exploring solutions to implement in its existing payment systems.
The corporation temporarily has set up a web page titled “Protecting Our Customers” to update its customers regarding the status of the improvement of its security systems and the condition of user data.
“As always, we encourage customers to review their payment card account statements closely and to report any unauthorized charges to their card issuer immediately. Payment card rules generally provide that cardholders are not responsible for unauthorized charges that are timely reported,” the website states.