Last month Hyatt Hotels fell victim to a cyber attack that affected 318 Hyatt hotels. Let’s get right to the point: the attack happened because malware was installed on machines that are used to process customer payments. What does that mean? Basically, malware managed to get installed on a single computer and then spread to all of the other computers on that network, exposing information from every location. This is why the breach only affects 318 hotels – these hotels are owned by Hyatt and not franchised, meaning they share a network – the franchised hotels are not on this network.

So how did malware manage to get onto the first computer? It had to be downloaded, and the most common scenario is that it’s downloaded without the users knowledge from a malicious website or email. How do you prevent it? Two ways: never let it download in the first place, and make sure that your computers are always up-to-date and protected against malware. Proper employee information security training can teach employees how to identify malicious websites and emails, allowing them to dodge the cyber-attack bullet. We know – people are people – and mistakes will happen, that said it’s important to always have anti-malware software installed and up-to-date. This will ideally isolate any malware that makes it onto the computer and prevents it from running, as well as spreading. The key here is being up-to-date, new malware is released every day and updating your anti-malware allows the software to know what to look for.

Now that you know what went wrong, and how to prevent these types of hacks, take a step back and look at the situation from a high level. Something as simple as a front desk employee at a hotel, did something as simple as go to a website or open an email, resulting in 318 hotels leaking sensitive customer payment information. This is why employee security training needs to be a top priority for any company that handles customer or user information, and that’s… well every company. As always, #caremoreshareless .