Behind the Cyberattacks on Hotels

What's Happening and What Should Hotel Owners and Operators Do?

By Robert E. Braun Partner, Jeffer Mangels Butler & Mitchell, LLP | December 10, 2017

Almost as soon as there were data breaches, hotels became a prime target of hackers, and the hospitality industry has consistently been one of the most commonly targeted businesses. Since 2010, hotel properties ranging from major multinational corporations to single location hotels have been impacted.

The recent report that Hyatt Hotels was a victim for the second time in as many years has raised more concerns about the industry's ability to address cybersecurity. While consumers are so used to receiving breach notices that "breach fatigue" has set in, the second successful attack on Hyatt is sure to raise the eyebrows of regulators, plaintiffs' lawyers, and guests. The data breach will affect the loyalty, trust and consumer perception of all Hyatt Hotels guests. So how can hotels prove to guests that they are safe and trustworthy?

"While the company claims that it has implemented additional security measures to strengthen the security of its systems, no explanation was given as to why these additional measures were not implemented after the first attack," said Robert Cattanach of Dorsey & Whitney.  "Estimates of actual harm have yet to be provided, which is typically the weak spot of any attempted class action, but the liability exposure seems problematic regardless."

Hyatt is in no way alone. On November 2, 2017, the BBC reported that Hilton was fined $700,000 for "mishandling" two data breaches in 2014 and 2015. The attorneys general of New York and Vermont said Hilton took too long to inform their guests about the breaches and the hotels "lacked adequate security measures." Hilton discovered the first of the two breaches in February 2015 and the second in July 2015, according to the article, but the company only went public with the breaches in November 2015. The company has said there is no evidence any of the data accessed was stolen, but the attorneys general said the tools used in the data breaches made it impossible to determine what was done.

What do Hackers Want?

Hackers seek a variety of types of information. Most commonly, hackers compromise systems so that they can obtain credit card numbers and sell them on the dark web. While this is possibly the most common – and certainly the most reported – type of data theft, it is far from the only kind of data hackers look for.

Choose a Social Network!

The social network you are looking for is not available.

Close

Hotel Newswire Headlines Feed  

Kathleen Hayn
Tony Heung
Eugenio Pirri
Megan (Sterritt) Taylor
Bruce Seigel
Janelle Schwartz
Tim Peter
Dean Minett
Sridhar Laveti
Gio Palatucci
Nicholas Pardon
Renie Cavallari
Coming up in April 2019...

Guest Service: A Culture of YES

In a recent global consumers report, 97% of the participants said that customer service is a major factor in their loyalty to a brand, and 76% said they view customer service as the true test of how much a company values them. And since there is no industry more reliant on customer satisfaction than the hotel industry, managers must be unrelenting in their determination to hire, train and empower the very best people, and to create a culture of exceptional customer service within their organization. Of course, this begins with hiring the right people. There are people who are naturally service-oriented; people who are warm, empathetic, enthusiastic, pleasant, thoughtful and optimistic; people who take pride in their ability to solve problems for the hotel guests they are serving. Then, those same employees must be empowered to solve problems using their own judgment, without having to track down a manager to do it. This is how seamless problem solving and conflict resolution are achieved in guest service. This willingness to empower employees is part of creating a Culture of Yes within an organization.  The goal is to create an environment in which everyone is striving to say “Yes”, rather than figuring out ways to say, “No”. It is essential that this attitude be instilled in all frontline, customer-facing, employees. Finally, in order to ensure that the hotel can generate a consistent level of performance across a wide variety of situations, management must also put in place well-defined systems and standards, and then educate their employees about them. Every employee must be aware of and responsible for every standard that applies in their department. The April issue of the Hotel Business Review will document what some leading hotels are doing to cultivate and manage guest satisfaction in their operations.