After initially announcing a monster malware infection across the group which harvested unsuspecting customer’s credit card details, the embattled people at Hyatt Hotels have released full details of hotels that had their point of sale systems compromised. It does not make pretty reading.
No fewer than 250 Hyatt Hotels were infected with data being harvested between 13/07 and 08/12 2015. The full list of compromised sites is available here.
If you even think you stayed in a Hyatt for business, pleasure or maybe have a ‘friend’ who ‘may’ have stayed at one of their facilities, please check this list and keep an eye on your statements. In fact, better still, if you stayed at a Hyatt Hotel in the last 12 months, just get a replacement card and maybe a good lawyer!
If you are a regular reader of this blog, you will have seen our predictions for 2016 published last week. In just one week, the following have happened:
- Hyatt reveals the massive scale of a data breach – OK we all knew about it but the scale is enormous, as predicted. Check.
- A piece of bank account syphoning malware (in Japan) used an extra gizmo that infected the user’s phone and intercepted authorisation codes from the bank, a piece of weaponised mobile malware. Check.
- Time Warner Cable has announced that emails from 320,000 customers were stolen using nothing less than, you guessed it, a Phishing attack. Check, check.
At this rate we should probably consider quarterly predictions, although, lets be honest if you aren’t expecting more of this stuff, you may need to consider medical advice.
Now that we have got the back patting over and done with, let’s discuss the root driver for all of the attacks above. We warned you that we would bore you with this and so it begins. It is imperative that as a business that stores data, customer data, trade secrets, business processes, digital content (ahem, Sony), whatever it is, it is almost certainly valuable to someone else and you must consider this in order to effectively protect against it.
ITC’s proven, straightforward ‘five steps to security’ programme can help you analyse your environment and deploy your finite security budget appropriately to protect your crown jewels.
We will be discussing this further at our forthcoming event ‘CloudBurst’ at The Tower of London on the 28th of January and would appreciate seeing you there. If you cant make it, have more pressing demands or would like us to talk you through our approach, please contact us on: 020 7517 3900 or email us at: [email protected].