Originally Posted by Hyatt
unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017
Guesswork follows. March 18 is probably when they installed a "new" procedure to handle credit cards at the front desk. July 2 is probably when they abandoned the "new" procedure because they discovered that it is not secure.
I'm not sure which story is more jaw-dropping. "Thieves steal Credit Card info from Hyatt" ... or "Hyatt stores unencrypted Credit Card info at the individual hotel level". Unencrypted Credit Card Info should never be stored on local servers, ever.
Honestly, there are so many services to process credit card transactions securely. It's just blows the mind to think that a multi-national corporation would intentionally plan and install an insecure service, and then take 3.5 months to realize their blunder.