There has been lots of problems with Hyatt’s website over the years, but I have never come across as serious flaw as this that my friend sent me a screenshot about.
He had logged into this Hyatt Gold Passport account, but the account number and the name shown belonged to some Japanese lady.
She had some upcoming stays at Hyatt’s properties in Tokyo (likely to fulfill the Diamond requalification as she seems to be bit on the short side on number of stays required).
Hyatt’s previous IT shambles:
– Website that was more often down than up (well it was often down)
– Most Hyatt Gold Passport passwords lost (gone – you had to choose new one)
– Earlier this year many had all of their current reservation disappear from their online accounts (yes – did happen)
+ likely many others.
How can you trust Hyatt with your personal information, if they cannot keep it private?
There must be something seriously wrong with Hyatt’s IT department, if the system is so insecure that in can show totally unrelated account with all the guest information, when someone logs into his/her account.
Not sure what to say at this point. How could Hyatt display someone totally unrelated person’s account & reservation information, when you log into your account. Makes you wonder, how many times this is happening every day and what might happen, if someone is nefarious?