Hyatt Suffers Second Data Breach in Two Years

This week, the Alert Logic team highlights the Hyatt Breach and KRACK Malware.

Data Breach

Second Hyatt Hotels Data Breach in Two Years

For the second time in two years, Hyatt has had a credit card data breach at its hotels. Hyatt revealed last week it suffered a breach of its payment systems, exposing customer credit card data from 41 hotels in 11 countries worldwide.

It took Hyatt nearly three months to inform customers about the data breach, which was discovered in July. The breach impacts customers who used credit cards at affected hotels from March 18 to July 2 of this year. Based on Hyatt’s investigation into the breach, it appears that malicious software code from a third-party was inserted onto certain hotel information technology systems.

References: The Hyatt Hotel Chain Hit by Second Breach This Year | Hyatt Hotels Discovers Card Data Breach at 41 Properties | Credit Card Data Breach Hits Hyatt Hotels — Again

Mitigation Strategies:

Malware

KRACK Wi-Fi Attack Threatens All Networks

A devastating flaw in Wi-Fi’s WPA security protocol makes it possible for cyber attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK (short for Key Reinstallation AttaCK), the issue affects the Wi-Fi protocol itself—not specific products or implementations. That means that if your device uses Wi-Fi, KRACK likely impacts it.

The flaw allows a cyber attacker to eavesdrop on all traffic you send over the network. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. Fortunately, major tech companies are moving quickly to patch the issue.

References: The KRACK Wi-Fi Vulnerability, Explained Like You’re Five | New Mobile Risk: Cracking Wi-Fi Encryption with Key Reinstallation Attacks (KRACK) | Everything With Wi-Fi Has a Newly Discovered Security Flaw. Here's How to Protect Yourself

Mitigation Strategies:

Security Insights

This Week's Suspicious IP Addresses

188.225.9.157 39.90.42.242
194.27.67.114 218.95.249.42

*IP addresses provided by Recorded Future.