Major data breaches seem to be pretty commonplace nowadays, to the point that I’m valuing my Social Security number at about five bucks nowadays.
Typically these data breaches impact a huge number of people. For example, earlier today I wrote about a Capital One data breach that potentially impacts more than 100 million people.
While I’m not sure what exactly you’d call this, I received a very interesting call from Hyatt this afternoon. I rarely answer the phone unless it’s someone I know, but based on the caller ID it seemed like it was someone from Hyatt, and I was curious why they’d be calling.
There was a nice lady on the line who introduced herself as being from Hyatt’s “care and regulation team,” and she proceeded to tell me that some of my information had been compromised.
As she explained it:
- My World of Hyatt data was shared with a small group of individuals
- This was information that was part of an internal record used as internal communications with teams
- Four individuals received my information, and they were asked to delete the emails and contents; they’re all apparently “loyal” World of Hyatt members as well
- She apologized for this happening, and said that notifying me was one of the top priorities
- Information shared included the confirmation number and name, World of Hyatt account number, date of booking, etc.
- They will closely monitor my World of Hyatt account for any unusual activity
Based on some follow up questions, I was told that:
- This breach happened on July 10, and I was only contacted now because Hyatt’s corporate office was doing an investigation
- Only 15 people total have been impacted by this, and they all involve people staying at Hyatt Place properties
- The information for several of my reservations was shared, all for stays at the same hotel
She asked if I wanted a new World of Hyatt account number, or if I wanted any reservations rebooked with new confirmation numbers. I declined, since I figured in the scheme of data breaches, this one wasn’t a big deal. Like I said, she was very professional, and also gave me her name and phone number to call back if I have any questions.
While I’m not worried about this at all, I still find this whole thing sort of… weird? I don’t exactly understand what happened.
I could see a situation where a bunch of emails accidentally ended up going to the wrong people, but somehow four people got my information, and this only impacted 15 people? For a loyalty program with millions of members?
So more than being worried I’m just fascinated by what really happened here…
Are any of the other 15 people impacted OMAAT readers? Did any of you receive my confirmation email in error? 😉
