Hyatt Security Summary

User Generated

pnzreba5159

Computer Science

Description

250 Hyatt hotels infected last year with payment data stealing malware

"The Hyatt hotel chain has revealed that almost half of its properties were infected with malware last year and customer financial data may have been stolen.

According to the company, 250 hotels out of 627 in the firm's portfolio were infected with information-stealing malware from August 13 to December 8, 2015. Some locations may have been affected as early as July 30, 2015.

Hyatt has published a global list of sites that were compromised.

The list reveals hotels in 54 countries were impacted by the security breach. Hotels in countries including the US, UK, China, Germany, Japan, Italy, France, Russia and Canada were compromised, among others.

China, India and the United States are at the top of the list for malware-ridden hotel systems, with 22, 20 and 99 infected sites respectively.

Hyatt says that following an investigation, "signs of unauthorized access to payment card data from cards used onsite at certain Hyatt-managed locations" were discovered.

While malware was exposed mainly at restaurants, some spas, parking, golf shops, front desk reception systems and sales offices were also impacted.

The chain says the malware in question was designed to steal financial data including cardholder names, card numbers, expiration dates and internal verification codes, which are used onsite to verify transactions. According to the company, the malicious code harvested credentials as they passed through Hyatt's infected payment processing systems.

In a statement, Hyatt's global president of operations Chuck Floyd said:
"Please be assured that we take the security of customer data very seriously. We deeply regret the inconvenience and any concern this may have caused you."
Hyatt is in the process of notifying customers by post or email when cardholder names were taken, and have notified authorities. However, the company says they cannot notify everyone who may have been affected due to a lack of contact information.

Hyatt is offering a year of credit monitoring via CSID to potential data theft victims.

The hotel chain says:
"While customers can confidently use payment cards at Hyatt hotels worldwide, any payment card that was used onsite at an affected location during the respective at-risk dates could still be subject to fraud even if you have not yet seen fraudulent activity.
We are continuing to work closely with payment card companies to identify potentially affected cards so that the banks that issued those cards can be made aware and initiate heightened monitoring of those cards."

Task Description
Based on the information provided, explain the possible ways Hyatt could have been infected with the data stealing malware, and the protective measures you would implement to prevent an incident like this from recurring.

*** 3-4 Pages in length in APA format with an executive summary. Also a reference page with 3 references***

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

please find the attached file. i look forward to working with you again. good bye

Running head: HYATT HOTELS

1

Hyatt Hotels
Course Title
Student Name
University Affiliation
Instructor
Date of Submission

HYATT HOTELS

2

Hyatt Hotels
Hyatt Hotel’s system was infected by a virus which replicated when it was executed and
made replicas that modified various computer programs. The virus infected the computer
software including the data files and the hard drive’s sector of booting. Viruses disrupted the
system of the infected host interfering with data acquisition from the space of the hard disk and
also interfered with the processing unit time. The malicious software caused data corruption and
display of other irrelevant information on the computer. This information could be political or
some humorous information. Spam of email contacts was another way through which the
computers were infected with a virus as well as access to the confidential information such as the
credit card information. Viruses made the computers less useful (Armendariz, 2016).
In addition to scams, the company’s system may have been infected through programs of
rogue security. These programs are usually used by the cyber criminals as a social engineering
mechanis...


Anonymous
Super useful! Studypool never disappoints.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags