Some 250 Hyatt-operated hotels were affected by a data breach last year, the company has announced.
The incident occurred in late November when malware was identified on computers that operate the payment processing systems for locations managed by the business. It immediately began an investigation and spoke to third-party cyber security specialists.
In the United Arab Emirates (UAE), eight hotels were affected. Six of these were in Dubai and two were in Abu Dhabi. The attack also impacted hotels across the world, including America, Europe and Australia.
As part of the investigation, signs of unauthorised access to payment card data were identified between August 13th 2015 and December 8th 2015. Some of these at-risk cards were used at spas, golf shops, parking and some front desks.
Once this was found out, Hyatt quickly got in touch with security specialists to strengthen the security of its systems and ensure customers can confidently use payment cards at hotels across the globe.
The malware used by hackers in the incident aimed to collect payment card data such as cardholder names, card numbers, expiration dates and internal verification codes. However, there is no indication that other data was impacted.
Hyatt has confirmed it is in the process of mailing letters to customers affected by the incident, though it is not able to identify every single individual who may have been affected by the attack.
The company has clarified that customers can now safely use payment cards at its hotels, as its processes have been boosted with help from third-party security experts.
Hyatt has also urged all customers to review their payment card account statements closely and report any unauthorised charges as soon as possible.
It is advisable for anyone affected by the breach to change their account password and make sure they do not rely on the same password for several sites.