Behind the Cyberattacks on Hotels

What's Happening and What Should Hotel Owners and Operators Do?

By Robert E. Braun Partner, Jeffer Mangels Butler & Mitchell, LLP | December 10, 2017

Almost as soon as there were data breaches, hotels became a prime target of hackers, and the hospitality industry has consistently been one of the most commonly targeted businesses. Since 2010, hotel properties ranging from major multinational corporations to single location hotels have been impacted.

The recent report that Hyatt Hotels was a victim for the second time in as many years has raised more concerns about the industry's ability to address cybersecurity. While consumers are so used to receiving breach notices that "breach fatigue" has set in, the second successful attack on Hyatt is sure to raise the eyebrows of regulators, plaintiffs' lawyers, and guests. The data breach will affect the loyalty, trust and consumer perception of all Hyatt Hotels guests. So how can hotels prove to guests that they are safe and trustworthy?

"While the company claims that it has implemented additional security measures to strengthen the security of its systems, no explanation was given as to why these additional measures were not implemented after the first attack," said Robert Cattanach of Dorsey & Whitney.  "Estimates of actual harm have yet to be provided, which is typically the weak spot of any attempted class action, but the liability exposure seems problematic regardless."

Hyatt is in no way alone. On November 2, 2017, the BBC reported that Hilton was fined $700,000 for "mishandling" two data breaches in 2014 and 2015. The attorneys general of New York and Vermont said Hilton took too long to inform their guests about the breaches and the hotels "lacked adequate security measures." Hilton discovered the first of the two breaches in February 2015 and the second in July 2015, according to the article, but the company only went public with the breaches in November 2015. The company has said there is no evidence any of the data accessed was stolen, but the attorneys general said the tools used in the data breaches made it impossible to determine what was done.

What do Hackers Want?

Hackers seek a variety of types of information. Most commonly, hackers compromise systems so that they can obtain credit card numbers and sell them on the dark web. While this is possibly the most common – and certainly the most reported – type of data theft, it is far from the only kind of data hackers look for.

Choose a Social Network!

The social network you are looking for is not available.

Close

Hotel Newswire Headlines Feed  

Linda Pierce
William A. Brewer
Johan Terve
John R. Hunt
Breffni Noone
Tammy S. Miller
Calvin Anderson
Tim Trefzer
Alexandra Glickman
Coming up in January 2019...

Mobile Technology: The Future is Now

Mobile Technology continues to advance at a relentless pace and the hotel industry continues to adapt. Hotel guests have shown a strong preference for mobile self-service - from checking-in/out at a hotel kiosk, to ordering room service, making dinner reservations, booking spa treatments, and managing laundry/dry cleaning services. And they also enjoy the convenience of paying for these services with smart phone mobile payments. In addition, some hotels have adopted a “concierge in your pocket” concept. Through a proprietary hotel app, guests can access useful information such as local entertainment venues, tourist attractions, event calendars, and medical facilities and services. In-room entertainment continues to be a key factor, as guests insist on the capacity to plug in their own mobile devices to customize their entertainment choices. Mobile technology also allows for greater marketing opportunities. For example, many hotels have adopted the use of “push notifications” - sending promotions, discounts and special event messages to guests based on their property location, purchase history, profiles, etc. Near field communication (NFC) technology is also being utilized to support applications such as opening room doors, earning loyalty points, renting a bike, accessing a rental car, and more. Finally, some hotels have adopted more futuristic technology. Robots are in use that have the ability to move between floors to deliver room service requests for all kinds of items - food, beverages, towels, toothbrushes, chargers and snacks. And infrared scanners are being used by housekeeping staff that can detect body heat within a room, alerting staff that the room is occupied and they should come back at a later time. The January Hotel Business Review will report on what some hotels are doing to maximize their opportunities in this exciting mobile technology space.