Hotels became the most breached sector for credit card data theft in 2009, representing just over a third of all major breaches. This was news to me when I heard hotels were the number 1 target for major data breaches last week. The Westin Bonaventure is the latest hotel location to announce a new credit card data breach. Westin Hotels published an alert Friday, March 5.
In searching for the Westin press release I saw Barbara De Lollis covered the Westin story on Sunday, March 7 and she published an even more comprehensive story on credit card data breaches in hotels last week, “Cybercriminals still consider hotels easy targets for credit card info” on March 2. Read her stuff. She says this was her most read story for the month.
The Carlson Hotels conference last week had a security session and covered credit card data theft and security actions hotels need to take. The message I heard is that in most cases it is a relatively easy and inexpensive upgrade at the hotel level to prevent attacks. Carlson offered resource assistance to its hotel members for developing a secure data environment. This was another one of those big picture aspects of hotel travel that I really had not given much thought to in the past. And now more data breach stories are hitting the news since then.
Another aspect of traveling in the global hotel world I guess we need to consider as frequent guests is the security resources a larger company can place in protecting your credit card data. Barbara’s article shares insight of Nicholas Percoco, a data breach investigator with Trustwave.
“Percoco wouldn’t identify hotel clients, but he did suggest that some chains are being more proactive than others in trying to thwart hackers.
“Your larger hotel chains have started to take action,” he said.
“Now where the larger risk probably lies – once the brand names lock up their systems – is with the independent hotels,” Percoco said. “Many don’t have the resources and don’t have centralized staff to help them out.”
Barbara De Lollis, Hotel Check-in “Cybercriminals still consider hotels easy targets for credit card info” (March 2, 2010)
Related Story links:
Hotel Hackers Attack Westin Bonaventure hotel’s restaurants, valet parking networks – Barbara DeLollis, Hotel Check-In, USA Today (March 7, 2010)
Westin is Latest hotel to be Hit by Hackers – Infosecurity (March 8, 2010)
Wyndham Hotels & Resorts Open Letter regarding hacker breach (February, 2010)
Westin Bonaventure Data Security Breach – PR Newswire (March 5, 2010)
Radisson Database Hacked – Infosecurity (August, 2009)