What Hotels Need to Know to Protect Against Inevitable Data Breaches

By Philip J Harvey President, Venture Insurance Programs | February 14, 2016

Data breaches are happening at hotels with increasing frequency, from small boutique properties to some of the largest international brands. Hilton, Starwood, Mandarin Oriental, Hyatt and the Trump Collection were all prominent victims in 2015.

Hyatt discovered malware designed to steal credit card data on computers that operate payment processing systems. At Evans Hotels, back-up card readers used to encrypt payment card data were breached. The front desk system at Peppermill Resort Spa & Casino was breached, compromising guest payment card information.

In a growing trend of criminals exploiting weaknesses in point-of-sale (POS) security, hackers used a malware intrusion of Starwood’s POS system to expose credit/debit card information used at retail shops, gift shops and restaurants at its W., Sheraton and Westin brands. Hackers compromised POS registers in gift shops and restaurants at a large number of Hilton hotel and franchise properties across the country. Hackers also accessed POS systems at most Mandarin Oriental properties in the U.S.

Not only are hotels susceptible to data breaches, but they also present complex risk management and insurance challenges, with systems stretching across multiple properties, brands and franchises.

Yet, despite the frequency and severity of these attacks, many hotels are not prepared for the inevitable breach. They do not have data breach response plans, solid risk management strategies or insurance to cover the costs involved when there is a breach. These costs run into the millions and include myriad expenses like computer forensic investigations, guest notifications, legal defense of potentially costly lawsuits and public relations costs to protect and restore a tarnished image.

Vulnerable, But Unprepared

Hotel Newswire Headlines Feed  

Donald R. Boyken
Roger G. Hill
Roger G. Hill
Zia Siddiqi
Joyce Gioia
Richard Takach, Jr.
Darrell Schuurman
Roger G. Hill
Jim Poad
David Ashen
Coming up in March 2018...

Human Resources: Value Creation

Businesses must evolve to stay competitive and this is also true of employment positions within those organizations. In the hotel industry, for example, the role that HR professionals perform continues to broaden and expand. Today, they are generally responsible for five key areas - government compliance; payroll and benefits; employee acquisition and retention; training and development; and organizational structure and culture. In this enlarged capacity, HR professionals are no longer seen as part of an administrative cost center, but rather as a member of the leadership team that creates strategic value within their organization. HR professionals help to define company policies and plans; enact and enforce systems of accountability; and utilize definable metrics to measure and justify outcomes. Of course, there are always new issues for HR professionals to address. Though seemingly safe for the moment, will the Affordable Care Act ultimately be repealed and replaced and, if so, what will the ramifications be? There are issues pertaining to Millennials in the workforce and women in leadership roles, as well as determining the appropriate use of social media within the organization. There are new onboarding processes and e-learning training platforms to evaluate, in addition to keeping abreast of political issues like the minimum wage hike movement, or the re-evaluation of overtime rules. Finally, there are genuine immigration and deportation issues that affect HR professionals, especially if they are located in Dreamer Cities, or employ a workforce that could be adversely impacted by federal government policies. The March Hotel Business Review will take a look at some of the issues, strategies and techniques that HR professionals are employing to create and sustain value in their organization.