After investigating a breach of its payment-processing systems that occurred last year, Hyatt revealed on Thursday that 250 locations had been hacked, including the Hyatt Regency Minneapolis.
 
The Chicago-based hotel chain determined that hotels in 50 countries were affected by the breach, which took place between August 13 and December 8 of last year. Hyatt gave word of the breach in December, but did not disclose details at the time regarding how many hotels were affected or for how long.
 
When asked, the front office manager at the Hyatt Regency Minneapolis declined to comment on the breach or the number of guests that had information stolen.

Stephanie Sheppard, Hyatt's corporate communications manager, clarified in an email that payment card data was stolen largely from restaurants located within its hotels. “A small percentage of the at-risk cards were used at spas, golf shops, parking, and a limited number of front desks” during the August to December period, she said.

According to Hyatt's investigation, a number of its locations were deemed at risk on or shortly after July 30, 2015. The malware that entred its system was designed to collect the cardholder's name, card number, expiration date and internal verification code from onsite transactions.

Sheppard urges its customers review their bank statements for unauthorized activity, adding that “protecting customer information is critically important to Hyatt, and we take the security of customer data very seriously.” On its website, Hyatt has amassed the list of affected hotels and the respective at-risk dates for each location.

To protect its affected customers, Hyatt arranged for identity protection company CSID to provide one-year of its Protector services at no cost. The hotel chain said it worked quickly with third-pary cyber security experts to resolve the issue and will work to stregthen the security of its systems.

Aside from downtown Minneapolis, Hyatt has hotel operations in Eden Prairie and Bloomington. Sheppard said the Hyatt Regency Minneapolis was the only location in Minnesota that was affected.