Hyatt Accounts Hacked! Here’s The Detail

Our site may contain affiliate links. Read Advertiser Disclosure policy here. Some offers may have expired or are unavailable at this time. Terms Apply to Offers.


I pulled up my iPhone Hyatt Gold Passport app this morning to check if points from a recent stay had posted yet. However, I was not able to log in. I figured I had just entered the wrong password. So I went to my computer and reset my password. I thought nothing of it, until I got this email notifying me that Hyatt accounts were hacked.

Hyatt Accounts Hacked

Hyatt Accounts Hacked

I received the email below this morning. It’s slightly concerning that my account was accessed. I mean, I store a credit card in there, my personal information, and stay pattern as well.

As part of Hyatt Gold Passport’s routine monitoring of member account activity, we found a small number of accounts were accessed by an unauthorized individual utilizing member usernames and passwords. We have no reason to believe, at this time, the login information was obtained through Hyatt Gold Passport, and we continue to analyze and monitor our systems. We have reached out to members we know have been affected to resolve any concerns.

To enhance your account security, we are resetting all passwords connected to a username. The next time you sign in to your Hyatt Gold Passport account, you will need to change your password by following the directions below. We strongly recommend that you reset your username and password to a unique combination not used elsewhere. You will not be able to access your account online until you change your password.

To change your Hyatt Gold Passport password:

  • Visit Hyatt
  • Click “Forgot Password” in the sign-in section and follow the directions
  • Look for a temporary password sent to your email and follow the directions

We apologize for any inconvenience. If you have any questions, please call us anytime at 800.228.3360 in the US and Canada or contact Hyatt in your region.

Bottom Line

If you can’t log in to your Hyatt account today, make sure you weren’t hacked. Try resetting your password as I did. Fortunately none of my points were taken, but me thinks the perpetrators weren’t after points. I can’t say for certain if other personal details were taken.

How about you? Did your Hyatt account get hacked? Were you able to log back in and were any points missing?

Then I checked my SPG account, and guess what? I was locked out of there too…

Editorial Note: Opinions, analyses, reviews or suggestions expressed on this site are those of the author’s alone, and have not been reviewed, approved or otherwise endorsed by any card issuer. For details on current offers visit the card issuer’s site.

About The Weekly Flyer

The Weekly Flyer writes about travel from a business traveler perspective. He travels the world every week accumulating points and miles along the way.

Sign up for Email || Twitter || Facebook |Tips & Tricks
Hotel Offers || Airline Offers || Bank Offers || Cash Back Offers

Comments

  1. According to their press release, only 200 accounts were compromised. However, the other 17,999,800 accounts will also need to update their passwords the next time they log in. Awesome…

  2. Same to me. Could not log in this morning! Reset password and get in. BTW, I was able to log in yesterday.

  3. I find it very strange that you would have had issues with two separate accounts. Do you use a third-party app to manage your points across multiple loyalty programs? Maybe that third party was the one that was hacked.

  4. If Hyatt would allow the use of special characters to make more secure passwords, this wouldn’t be as much of an issue. Hyatt themselves forces insecure passwords.

  5. The BA “hack” was related to AwardWallet right? Think this one might be related to AwardWallet too?

  6. Could be completely unrelated, but my Chase Sapphire card was comprised with fraudulent activity today and it happens to be the same one that I had stored on my Hyatt account.

  7. Pretty weak show by Hyatt. Firstly, poor security obviously. Now what was taken?

    – email address: will lead to phishing

    – other personal information: can lead to who knows what

    As an example, just the email sent by Hyatt (we assume so) asks you to go to a site called goldpassport.com – why not hyatt.com? Sure, they may be the same but are we all supposed to know that?

    I recently received an email with a link to vvellsfargo.com where you were supposed to reset your password just like this email said – and I am sure it caught many unsuspecting people.

  8. Reread the email. Yes the one you posted with this article. It doesn’t say YOUR account was hacked. It says SOME accounts were hacked. And yes you must reset your password.

    The bad news is that I’m finding it impossible to do just that. I’ve waited going on 2+ hours now for the password reset email. I called in, checked the account email etc. No problem. The person I spoke to said that it is taking “up to an hour” (lies I’m thinking, I’m no longer even expecting the email the same day anymore) for some people to get the reset message.

    Great. So they’ve reset everybody’s passwords and now nobody can reset them. Thanks so much!

  9. The email said that those affected were directly contacted, i.e. they received something other than the blast email. If you only got this blast email, you weren’t known to be affected, it’s just a precaution.

Leave a Reply

Your email address will not be published. Required fields are marked *