Hackers Target Another Hotel Chain, Another Toy Company

Dec. 28, 2015

Hackers Target Another Hotel Chain, Another Toy Company While many people around the world took time off around the holidays, hackers very clearly were still hard at work as major data breaches were acknowledged by another hotel chain and another brand popular with kids.

Hyatt said it discovered the intrusion, which targeted Hyatt-managed properties (not those owned by franchisees) on Nov. 30, but did not disclose exactly how many properties were affected or how many records may have been exposed. The company followed up its initial statement by acknowledging in published reports that the malware used in the attack targeted payment-card information including cardholder names, PANs, expiration date and CVV/CVC information.

While health care companies and governments have been high on hackers’ lists this year, hospitality companies have been making data security news since the fall. Several major hotel chains including Starwood , Hilton and others have reported breaches in the second half of 2015.

Separately, a security researcher discovered a leaked database from Sanrio, the Japanese company that designs, licenses and produces the popular hello Kitty character. The database reportedly contains account data for 3.3 million users of Sanriotown.com and other Sanrio-owned Websites including hellokitty.com. The company has not yet acknowledged the extent of the breach publicly but said it is investigating.

Because many Hello Kitty products appeal to kids and teens, experts are speculating that many of the user accounts belong to children. If so, it is the second network intrusion made public in the last 30 days putting the personal information of young people at risk.