Warning COVID-19 Update

News Releases

Hyatt Launches Public Bug Bounty Program With HackerOne
Adds an additional layer to Hyatt’s cyber security strategy

CHICAGO (January 9, 2019)Hyatt Hotels Corporation (NYSE: H) today announced the launch of a public bug bounty program with HackerOne in which ethical hackers are invited to test Hyatt websites and mobile apps for potential vulnerabilities and securely disclose them to Hyatt. In working with HackerOne, Hyatt is able tap into the vast expertise of the security research community to accelerate identifying and fixing potential vulnerabilities.

“At Hyatt, protecting guest and customer information is our top priority and launching this program represents an important step that furthers our goal of keeping our guests safe every day,” said Hyatt Chief Information Security Officer Benjamin Vaughn. “As one of the first global hospitality brands to launch this type of program, we extend the ways we care for our guests and deepen our commitment to protecting their sensitive information.”   

Through the bug bounty program, security researchers will be able to earn cash rewards, also known as bounties, if they report valid security flaws on Hyatt.com, m.hyatt.com, world.hyatt.com, and the iOS and Android versions of the Hyatt mobile app so they can be safely resolved. All ethical hackers that have agreed to HackerOne’s terms and conditions, and adhere to disclosure guidelines are eligible to participate in this program.

“Bug bounty programs are a proven method for advancing an organization’s cyber security defenses, trusted by leading enterprises across industries,” said HackerOne CEO Marten Mickos. “In today’s connected society, vulnerabilities will always be present. Organizations like Hyatt are leading the way by taking this essential step to secure the data they are trusted to hold.”

For more information, please visit: hackerone.com/hyatt

The term “Hyatt” is used in this release for convenience to refer to Hyatt Hotels Corporation and/or one or more of its affiliates

For further information:

About HackerOne

HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companies trust HackerOne than any other hacker-powered security alternative. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination Center and over 1,200 other organizations have partnered with HackerOne to resolve over 88,000 vulnerabilities and award over $41M in bug bounties. HackerOne is headquartered in San Francisco with offices in London, New York, the Netherlands, and Singapore.

About Hyatt Hotels Corporation

Hyatt Hotels Corporation, headquartered in Chicago, is a leading global hospitality company with a portfolio of 14 premier brands. As of September 30, 2018, the Company's portfolio included more than 750 properties in more than 55 countries across six continents. The Company's purpose to care for people so they can be their best informs its business decisions and growth strategy and is intended to attract and retain top colleagues, build relationships with guests and create value for shareholders. The Company's subsidiaries develop, own, operate, manage, franchise, license or provide services to hotels, resorts, branded residences, vacation ownership properties, and fitness and spa locations, including under the Park Hyatt®, Miraval®, Grand Hyatt®, Hyatt Regency®, Hyatt®, Andaz®, Hyatt Centric®, The Unbound Collection by Hyatt®, Hyatt Place®, Hyatt House®, Hyatt Ziva, Hyatt Zilara, Hyatt Residence Club® and Exhale® brand names. On November 30, 2018, the Company expanded its hotel and resort portfolio with the inclusion of the Alila®Destination®Joie de Vivre®Thompson Hotels® and tommie™ brands. For more information, please visit www.hyatt.com.

MEDIA CONTACT:
Vanessa George 
Hyatt 
+1 312 780 5451
vanessa.george@hyatt.com