In a statement released yesterday, the hotel giant said there was a possibility that guests who stayed at a Hyatt hotel between August 13 and December 8 last year may have had credit or debit card data.

The group blamed “unknown cyber thieves” which it said had “infiltrated many of the hotel chain’s payment systems”.

It added that the breach was likely to have affected guests at 250 hotels in around 50 countries.

Mark Bower, global director, product management at HPE Security said: “Card-on-file transactions are common, meaning card data is often stored longer than typical, to maintain customer bookings and for resort service charges after check-in.

“Online booking systems often channel card data from various sources and third parties over the internet, creating additional possible points of compromise. Partner booking systems accessing the hotel platforms also present additional risks and malware paths for entry to data processing systems to steal sensitive information.”

Bower added that information suggested a “good portion” of breached data had come from the restaurant side of the hotel chains facilities.

It comes after Hilton Worldwide issued an alert to its customers in November warning that it had also had cardholder payment details stolen by malware.

The company said in a statement that malware had found its way onto point-of-sale systems and stolen cardholder names, payment card numbers, security codes and expiry dates, and largely affected those that had used their cards at Hilton Worldwide between November 8 and December 5 2015 to April 21 to July 27.