The security administrators of the Hyatt Hotels Corporation probably won’t be taking the holiday off this year. The hospitality giant yesterday announced that its payment processing infrastructure has suffered a breach in what is at least the sixth major attack against a key member of the global travel industry since the beginning of 2015.

The last such incident was revealed only about a month ago when Starwood Hotels and Resorts Worldwide, Inc., which operates several major brands including Sheraton and W Hotels, admitted a number of its North American hotels were infected with data-stealing malware. An investigation into the breach revealed that the hackers targeted merchant systems much like in the Hyatt breach to try and steal the credit card details of holiday vacationers. The same motivation was discovered to be behind the attack against Hilton Worldwide Holdings Inc. that occurred a few months earlier.

The perpetrators focused specifically on gift shop and restaurant points-of-sale in both of the latter incidents, suggesting a potential link between the two that could also hold some relation to the Hyatt breach. But not all of the attacks that affected the travel industry over the last 12 months were financially driven. The breaches at two of the highest-profile victims of the hacking spree, online booking giant Sabre Holdings Corp. and American Airlines Inc., were reportedly connected to the U.S. Office of Personnel Management leak earlier this year.

Security insiders told the press that all three breaches are suspected to have been carried out by Chinese hackers tasked with gathering intelligence about governmental staffers in sensitive positions. The fact that the latest attack against Hyatt only appeared to have involved payment data should come as a relief to vacationers staying at its hotels this holiday, but they may still be exposed to identity theft and fraud since the ongoing internal investigation into the incident has yet to rule out the possibility.

Image via Pixabay