Agreed I think Hyatt BLEW IT. My view of Hyatt has changed due to the way they handled this...

Hyatt is losing money and it's clear due to poor leadership in Chicago.

It's worth remembering three things here:

First, Hyatt's security practices are obviously deficient. They seem aware of the problem, though it's not clear to me whether the "upgrade" to their system came before or after they became aware of the hack. But the point here is that they're aware and statutory remedies will kick in - eventually.

Second, the point of the hack was not your Hyatt points. As with the United, American and Anthem hacks, the target is the ancillary data around your account: SSN, credit card numbers, employers, travel patterns. Hackers are becoming far more sophisticated in their approach to cyber crime, they're certainly not after Hyatt points, even if this is the signal that betrays the hack. Your worries should extend way beyond your relationship with Hyatt.

Lastly, the real issue begins now that the hack has taken place. A credit freeze is a good way to go, but it's a lot of work to manage. State disclosure laws will ultimately determine the communication we will see from Hyatt, but the laws don't go very far beyond requiring disclosure post-hack. The real need for vigilance and caution starts now.

It might feel good to act on the frustration with Hyatt by terminating your account, and that might be the right thing to do for some people. But the problem is only now beginning. Terminating your Hyatt account will not mitigate the impact that the hack can have on your personal finances.

Agree. Since they posted the news release on Dec. 23, there has not been one single update http://www.hyatt.com/protectingourcustomers/

I am still locked out of my acount. There has been no follow-up to my repeated calls and emails. They blew it. And I think they still do not have a clue.

Come on Hyatt, give everyone free credit monitoring. Don't be so stingy, you have to pay for not taking customer data protection seriously !

Come on Hyatt, give us an update http://www.hyatt.com/protectingourcustomers/

The suspense is killing me.

This week I actually spoke to a front desk agent about the data breach and system maintenance. They knew nothing about it and it was the first they heard about it..

Why was I not surprised.

Various news reports stated that Hyatt became aware of the hack about a month prior to acknowledging it, so yes they knew about it before the system upgrade.

There have been no updates by hush-hush Hyatt. No emails. No nothing. Nevertheless, I am able to log into my account again.

The only thing I notice that is different is that after you log in, the server is located in Germany. I don't remember this being the case before the hack. I use a small add-on for Firefox called Flagfox and here is what I can pull up:

Hostname www.hyatt.com ISP Akamai Technologies, Inc. (AS16625)
Continent Europe
Country Germany Country Code DE (DEU)

Akamai is a CDN ( https://en.wikipedia.org/wiki/Content_delivery_network ) which will hide the real origin of the server(s).
For me flagfox is showing Germany, Netherlands or UK,.. depending on the proxy I use.

Still no update is hilarious. Maybe they need better "experts"

The idiots at Hyatt just took it upon themselves to send me a "password reset" WITHOUT MY ASKING FOR IT. They also sent me some apology email which basically says nothing at all.

So now my password that finally worked is no good anymore, and I'm locked out again. Once again. While traveling. Got to (#%(# around again with my password.

YOU SUCK HYATT.

The Hyatt system is down for maintenance again, but there's a notice about the breach in the upper left corner of the HGP homepage. Clicking results in "A Message from our Global President of Operations" (Chuck Floyd) which doesn't say much.

That message has been there for a while. Apparently Chuck hasn't found it necessary to give us an update, though. Or -- heaven forbid -- notify the customers directly.

Hyatt has now provided an update with affected properties and dates at:
http://www.hyatt.com/protectingourcustomers/

Interestingly, my Hyatt Visa, which I RARELY use, was compromised last month... and I did in fact use it recently at one of the affected properties during the affected time period.

Looking at the list of affected (breached) properties. There are so many hotels that got hacked it might have been easier to list the hotels that didn't get hacked!

The number of hotels impacted by the malware is vast. I didn't really think the problem was as widespread as it turned out to be when first announced in December.

Above from
Hyatt Hotels Issues Update on Credit Card Security Breach at its Properties


Above appeared in FBT, where I serve as Ed.Dir.