NEW YORK (AP) — Hyatt said Thursday that it found malicious software in about 250 of its hotels that may have exposed customers’ credit- and debit-card numbers and other information to hackers.
It’s the first time the hotel operator has listed the hotels affected since it announced it found malware at its hotels in December.
The hotel chain does not know at this time how many customers were affected, a Hyatt spokeswoman said.
Hyatt Hotels Corp. said the malware was present between July and December within payment-processing systems at its restaurants, spas, front desks and other areas in its hotels.
Cardholder names, card numbers and expiration dates may have been exposed, the company said.
Several other hotel chains reported being hacked last year, including Starwood, Trump Hotel Collection and Mandarin Oriental.
Hyatt said the malware was found at many of its brands, including the Park Hyatt, Hyatt Regency and Andaz. About 100 of the hotels affected were in the U.S. The rest were abroad in cities including London, Paris and Shanghai.
The Chicago-based company has about 630 properties.
For a full list of hotels affected, please visit Hyatt’s website.
Hyatts in the D.C. region and the dates they were vulnerable include:
- Washington Grand Hyatt Washington, Aug. 13, 2015 – Dec. 8, 2015
- Washington Hyatt Regency Washington on Capitol Hill, Aug. 13, 2015 – Dec. 8, 2015
- Washington Park Hyatt Washington, Aug. 13, 2015 – Dec. 8, 2015
- Arlington Hyatt Regency Crystal City at Reagan National Airport, Aug. 13, 2015 – Dec. 8, 2015
- Herndon Hyatt Dulles, Aug. 13, 2015 – Dec. 8, 2015
- Reston Hyatt Regency Reston, Aug. 13, 2015 – Dec. 8, 2015
- Tysons Corner Hyatt Regency Tysons Corner, Aug. 13, 2015 – Oct. 14, 2015
- Bethesda Hyatt Regency Bethesda, Aug. 13, 2015 – Oct. 14, 2015