In a Hotel Data Breach, Immediate Response is the New Normal
By Kurt Meister Senior Vice President , Distinguished Programs | April 2018
If you haven't heard about the latest data breach to hit a major hotel chain, just do a quick internet search. In 2017, the number of U.S. data breaches hit an all-time high of 1,579, up 45 percent from 2016, according to the Identity Theft Resource Center. And hotels are a prime target. Verizon's 2017 Data Breach Investigations Report ranks accommodations (hotels and restaurants) as the top industry for point-of-sale (POS) intrusions.
Each data breach creates its own unique set of headaches. One is financial cost. From 2014-17, the average costs of POS-related investigations averaged $735,000 and grew larger (as high as $17 million) based on the size of the organization, according to NetDiligence.
Reputation damage is equally concerning. Consumers expect hotels – and all businesses – to protect their data no matter what. And when a data breach occurs, they expect immediate action, often faster than the six-to-eight weeks allowed under most U.S. laws.
For many hotels, the question is no longer if a data breach will occur, but when. That's why hotel owners, operators and franchises must be protected and prepared.
Evaluate Your Risks
Because the U.S. hospitality industry attracts millions of guests each night – and because those customers pay for almost everything with a credit card – cybercriminals see hotels as a potential windfall.