Hyatt Company Cyber Security Posture
hyatt.comHyatt is guided by its purpose: to care for people so they can be their best. Hyatt’s portfolio includes 1,400+ hotels and all-inclusive properties in 79 countries across six continents. Luxury Portfolio – Park Hyatt®, Alila®, Miraval®, Impression by Secrets, and The Unbound Collection by Hyatt® Lifestyle Portfolio – Andaz®, Thompson Hotels®, The Standard®, Dream® Hotels, The StandardX, Breathless Resorts & Spas®, JdV by Hyatt®, Bunkhouse® Hotels, and Me and All Hotels Inclusive Collection – Zoëtry® Wellness & Spa Resorts, Hyatt Ziva®, Hyatt Zilara®, Secrets® Resorts & Spas, Dreams® Resorts & Spas, Hyatt Vivid Hotels & Resorts, Sunscape® Resorts & Spas, Alua Hotels & Resorts®, and Bahia Principe Hotels & Resorts Classics Portfolio – Grand Hyatt®, Hyatt Regency®, Destination by Hyatt®, Hyatt Centric®, Hyatt Vacation Club®, and Hyatt® Essentials Portfolio – Caption by Hyatt®, Hyatt Place®, Hyatt House®, Hyatt Studios, Hyatt Select, and UrCove Subsidiaries of the Company operate the World of Hyatt® loyalty program, ALG Vacations®, Mr & Mrs Smith, Unlimited Vacation Club®, Amstar® DMC destination management services, and Trisept Solutions®. Visit hyatt.com for more. This account provides information about Hyatt Hotels Corporation, its subsidiaries or affiliates and/or hotels operating under a Hyatt-affiliated brand. Terms like “Hyatt,” “we,” “our,” “us,” and similar terms are used for convenience and should not be understood as precise designations of any particular entity. The account name and certain terms like “employees” are used by this site but may not be accurate. Individuals may identify themselves as working or having worked at Hyatt or a Hyatt hotel, but please note that self-identification should not be treated as confirmation of employment, past or present, by Hyatt or any particular entity or hotel. In some cases, an individual may have been employed by an affiliate of Hyatt Hotels Corporation or by an owner or franchisee of a Hyatt-branded hotel.
Hyatt Company Details
hyatt
87880 employees
1462947.0
721
Hospitality
hyatt.com
Scan still pending
HYA_2728151
In-progress
Hyatt Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Hyatt Global Score.png)
Hyatt Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Hyatt Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Hyatt Hotels Corporation | Breach | 50 | 2 | 3/2017 | HYA456072525 | Link | |
Rankiteo Explanation : Attack limited on finance or reputationDescription: The Washington State Office of the Attorney General reported a data breach involving Hyatt Hotels Corporation on October 12, 2017. The breach occurred between March 18, 2017 and July 2, 2017, potentially affecting 640 Washington residents with unauthorized access to payment card information, including cardholder names, card numbers, expiration dates, and internal verification codes. | |||||||
| Hyatt Hotels Corporation | Breach | 60 | 2 | 8/2015 | HYA550072525 | Link | |
Rankiteo Explanation : Attack limited on finance or reputationDescription: The Washington Office of the Attorney General reported a data breach involving Hyatt Hotels Corporation on January 14, 2016. The breach, which involved unauthorized access to payment card data, occurred between August 13, 2015, and December 8, 2015, affecting 15 individuals. The breach was due to malware specifically designed to target payment card data. | |||||||
| Hyatt Hotels Corporation | Ransomware | 90 | 5 | 01/2016 | HYA1348522 | Link | |
Rankiteo Explanation : Attack threatening the organization's existenceDescription: Hyatt Hotels chain across the was infected by a malware attack back in January 2016. The attackers designed the malware to exfiltrated payment card information including cardholder names, card numbers, expiration dates, and internal verification code affected payment processing systems. The hotel chain offered one year’s free protection to those affected by the breach, | |||||||
Hyatt Company Subsidiaries
Hyatt is guided by its purpose: to care for people so they can be their best. Hyatt’s portfolio includes 1,400+ hotels and all-inclusive properties in 79 countries across six continents. Luxury Portfolio – Park Hyatt®, Alila®, Miraval®, Impression by Secrets, and The Unbound Collection by Hyatt® Lifestyle Portfolio – Andaz®, Thompson Hotels®, The Standard®, Dream® Hotels, The StandardX, Breathless Resorts & Spas®, JdV by Hyatt®, Bunkhouse® Hotels, and Me and All Hotels Inclusive Collection – Zoëtry® Wellness & Spa Resorts, Hyatt Ziva®, Hyatt Zilara®, Secrets® Resorts & Spas, Dreams® Resorts & Spas, Hyatt Vivid Hotels & Resorts, Sunscape® Resorts & Spas, Alua Hotels & Resorts®, and Bahia Principe Hotels & Resorts Classics Portfolio – Grand Hyatt®, Hyatt Regency®, Destination by Hyatt®, Hyatt Centric®, Hyatt Vacation Club®, and Hyatt® Essentials Portfolio – Caption by Hyatt®, Hyatt Place®, Hyatt House®, Hyatt Studios, Hyatt Select, and UrCove Subsidiaries of the Company operate the World of Hyatt® loyalty program, ALG Vacations®, Mr & Mrs Smith, Unlimited Vacation Club®, Amstar® DMC destination management services, and Trisept Solutions®. Visit hyatt.com for more. This account provides information about Hyatt Hotels Corporation, its subsidiaries or affiliates and/or hotels operating under a Hyatt-affiliated brand. Terms like “Hyatt,” “we,” “our,” “us,” and similar terms are used for convenience and should not be understood as precise designations of any particular entity. The account name and certain terms like “employees” are used by this site but may not be accurate. Individuals may identify themselves as working or having worked at Hyatt or a Hyatt hotel, but please note that self-identification should not be treated as confirmation of employment, past or present, by Hyatt or any particular entity or hotel. In some cases, an individual may have been employed by an affiliate of Hyatt Hotels Corporation or by an owner or franchisee of a Hyatt-branded hotel.
Access Data Using Our API
Get company history
Rapid.png)
Hyatt Cyber Security News
Ian Hyatt
Chief of Staff Ian Hyatt was named chief of staff to Purdue University President Mung Chiang on July 1, 2024.
New Board Members from CAVA, Hyatt’s Benjamin Vaughn, and Booking.com Join RH-ISAC to Fortify Cybersecurity in Hospitality and Retail Worldwide
RH-ISAC is a collaborative cybersecurity community serving retail, hospitality, and food industries, connecting information security teams to ...
8 ODU Graduates Honored as Outstanding College Scholars
About Lauren-Elise: While completing her studies, she developed a dance-integrated enrichment program curriculum for Ukrainian refugee children, ...
Cybersecurity strategies for small businesses – Christian Hyatt | Risk3Sixty
Welcome to another episode of The Roadmap. This time, we delve into a critical topic that's on every business owner's mind: cybersecurity.
Hyatt Hotels Corp SEC 10-K Report
The report highlights the company's robust financial performance, strategic initiatives, and the challenges it faces in the dynamic hospitality industry.
Credit Card-Grabbing Malware Hits Hyatt Hotels Once Again
I confirm that I am the owner of the email address provided and agree to receive the latest cybersecurity tips, news, and updates from Bitdefender. Right now ...
The CrowdStrike fail and next global IT meltdown already in the making
A botched software update from the cybersecurity company CrowdStrike. “In this case, it was a content update,” said Nick Hyatt, director of threat intelligence.
Hyatt Hotels Suffers 2nd Card Breach in 2 Years
Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in ...
Cybersecurity Trends, Challenges and Responses
The reason why business staff should take cybersecurity online courses instead of self-learning is due to the technology sophistication, ...
Hyatt Similar Companies
JW Marriott
No loud pretense. No excess formalities. Just understated elegance you’ll feel the moment you walk into one of over 80 worldwide destinations. JW Marriott is part of Marriott International’s luxury portfolio and consists of beautiful properties in gateway cities and distinctive resort locations in
Radisson Blu
Welcome to the official page for Radisson Blu, a brand of Radisson Hotel Group. Stylish living spaces for business and leisure in some of the world’s favorite destinations. Choose stylish and elegant hotels that are created with you in mind. Enjoy a warm welcome with our inviting ambience and though
Minor Hotels
Minor Hotels is a global hospitality leader with over 560 hotels and resorts across six continents, a diverse portfolio of F&B businesses and a selection of luxury transportation services. With over four decades of experience, we build stronger brands, foster lasting partnerships, and drive business
MGM Resorts International
The resorts and casinos of MGM Resorts International™ are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with pot
Two Roads Hospitality
Founded in 2016, Two Roads Hotels is an international lifestyle hotel company that manages and operates the Alila Hotels & Resorts, Destination Hotels, Joie de Vivre Hotels, Thompson Hotels, and tommie Hotels brands. At Two Roads, we create extraordinary experiences for those unafraid to break f
Abu Dhabi National Hotels
Abu Dhabi National Hotels (ADNH) was founded in 1976 as a hotel owner and asset manager. Over the years, it has evolved into a comprehensive hospitality group, offering a wide range of services including hotels, restaurants, destination management, catering, and transportation. Under its Hotels Div
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Hyatt CyberSecurity History Information
How many cyber incidents has Hyatt faced?
Total Incidents: According to Rankiteo, Hyatt has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at Hyatt?
Incident Types: The types of cybersecurity incidents that have occurred incidents Ransomware and Breach.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: Hyatt Hotels Corporation Data Breach
Description: The Washington Office of the Attorney General reported a data breach involving Hyatt Hotels Corporation on January 14, 2016. The breach, which involved unauthorized access to payment card data, occurred between August 13, 2015, and December 8, 2015, affecting 15 individuals. The breach was due to malware specifically designed to target payment card data.
Date Detected: 2016-01-14
Date Publicly Disclosed: 2016-01-14
Type: Data Breach
Attack Vector: Malware
Vulnerability Exploited: Unauthorized access to payment card data
Motivation: Financial Gain
Incident : Data Breach
Title: Hyatt Hotels Corporation Data Breach
Description: The Washington State Office of the Attorney General reported a data breach involving Hyatt Hotels Corporation on October 12, 2017. The breach occurred between March 18, 2017 and July 2, 2017, potentially affecting 640 Washington residents with unauthorized access to payment card information, including cardholder names, card numbers, expiration dates, and internal verification codes.
Date Detected: 2017-10-12
Date Publicly Disclosed: 2017-10-12
Type: Data Breach
Incident : Malware Attack
Title: Hyatt Hotels Malware Attack
Description: Hyatt Hotels chain across the was infected by a malware attack back in January 2016. The attackers designed the malware to exfiltrated payment card information including cardholder names, card numbers, expiration dates, and internal verification code affected payment processing systems.
Date Detected: 2016-01-01
Type: Malware Attack
Attack Vector: Malware
Motivation: Financial Gain
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach HYA550072525
Data Compromised: Payment card data
Payment Information Risk: High
Incident : Data Breach HYA456072525
Data Compromised: cardholder names, card numbers, expiration dates, internal verification codes
Payment Information Risk: True
Incident : Malware Attack HYA1348522
Data Compromised: Cardholder Names, Card Numbers, Expiration Dates, Internal Verification Code
Systems Affected: Payment Processing Systems
Payment Information Risk: True
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Payment card data, payment card information and Payment Card Information.
Which entities were affected by each incident?
Incident : Data Breach HYA550072525
Entity Type: Corporation
Industry: Hospitality
Customers Affected: 15
Incident : Data Breach HYA456072525
Entity Type: Hospitality
Industry: Hospitality
Location: Washington
Customers Affected: 640
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach HYA550072525
Type of Data Compromised: Payment card data
Number of Records Exposed: 15
Sensitivity of Data: High
Incident : Data Breach HYA456072525
Type of Data Compromised: payment card information
Number of Records Exposed: 640
Sensitivity of Data: High
Data Exfiltration: True
Personally Identifiable Information: True
Incident : Malware Attack HYA1348522
Type of Data Compromised: Payment Card Information
Sensitivity of Data: High
Data Exfiltration: True
Personally Identifiable Information: True
References
Where can I find more information about each incident?
Incident : Data Breach HYA550072525
Source: Washington Office of the Attorney General
Date Accessed: 2016-01-14
Incident : Data Breach HYA456072525
Source: Washington State Office of the Attorney General
Date Accessed: 2017-10-12
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Washington Office of the Attorney GeneralDate Accessed: 2016-01-14, and Source: Washington State Office of the Attorney GeneralDate Accessed: 2017-10-12.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident?
Incident : Malware Attack HYA1348522
Customer Advisories: The hotel chain offered one year’s free protection to those affected by the breach
What advisories does the company provide to stakeholders and customers following an incident?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was The hotel chain offered one year’s free protection to those affected by the breach.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2016-01-14.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2016-01-14.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Payment card data, cardholder names, card numbers, expiration dates, internal verification codes, Cardholder Names, Card Numbers, Expiration Dates and Internal Verification Code.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Payment Processing Systems.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Payment card data, cardholder names, card numbers, expiration dates, internal verification codes, Cardholder Names, Card Numbers, Expiration Dates and Internal Verification Code.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 655.0.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Washington Office of the Attorney General and Washington State Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued?
Most Recent Customer Advisory: The most recent customer advisory issued was was an The hotel chain offered one year’s free protection to those affected by the breach.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
