Group items matching

in title, tags, annotations or url

Travelers who checked in to the Westin Bonaventure Hotel & Suites in Los Angeles between April and December last year are being advised to review their credit card statements and credit reports this week after hotel officials warned of yet another security breach.

The Westin Bonaventure Hotel and Suites in Los Angeles had a security breach where their point of sale system for processing debit and  credit card transactions have been hacked. Data such as guests name, cedit and debit numbers and expiration date were jeopardized. Hackers had not been able to access information from the Hotel's computer system and neither did they affect guest room charges. The Director, Michael Czarcinski apologized and offered free credit monitoring services for those who used their cards during that nine month period.

Marriott's data breach in 2018 exposed the information of over 500,000 guests including names, addresses, and passport numbers - leading to a class-action lawsuit and falling share values. The California Consumer Privacy Act, taking effect in 2020, gives Californians the right to know what information is collected about them and where this information goes. Amazon, Facebook, Google, Microsoft, Twitter, Uber, AT&T and Verizon are lobbying against the CCPA, but data-security regulations are being enacted regardless to protect customers against these breaches.

This article explores multiple hacks of different Marriott networks that led to guest and employee security breaches. More specifically the hacks include a third party IT security who downloaded malware that ended up allowing access to internal Marriott email. Another involved hackers stealing the starwoodhotels.com domain which allowed them access to consumer information thinking they were booking rooms. Another beach came through the use of an insecure password for one of their cloud networks.

Hotel industries have been under attack from excessive hacking, as seen with Hilton being targeted for private financial information from guests. In 2014, it was noticed that hackers had been targeting Hilton throughout the course of 17 weeks. They state that the industry itself has not really focused budgeting on cyber security. It seems that the process is done by integrating a virus into these hotels POS system. The virus was actively attacking the Micros program, which was being used in more than 300,000 hotels and resorts. An ultimate treasure chest for information, some of which was not even encrypted. In addition, the virus appears in the system as a legitimate software, and then it obtains over 90 percent of stored information. This hacking is being conducted by organized groups, who moved from the retail industry because it had indeed improved its cyber security. With hotels it seems that the concept has not been taken as seriously. There are many hotels susceptible to such an attack. As long as there is a sales software, then someone is looking to get into it. A person could be sitting inside of your location, and infiltrating a guests' wireless internet, and they would not even know. In order to engage this threat, locations must be proactive in attempting to stop what is occurring. The only question is, how much are they willing to invest in cyber security?

This Article deals with the hacking of Darkside the hacker group who extorted over 4 million dollars paid in bit coin, this article goes into ho w the FBI was able to get the monies paid back to the company.

Following a robbery at a Houston hotel in which thieves exploited security flaws in Onity locks first revealed at the Black Hat conference in July, Hotel Management spoke with Todd Seiders, director of risk management at Petra Risk Solutions and former director of loss prevention at Marriott, for tips on how hoteliers can keep their rooms secure. An NFC-compatible lock, such as this Signature RFID by VingCard lock, can streamline the check-in process.

Some of the major concern hotel such as Houston hotel are facing is robbery. A lot of the older locks in the hotel are so old that it may be easy to rob precious items from the guest rooms. NFC has a new lock where the newer lock does not have an encryption code, instead the guest will get a new code from the front desk. The new lock ensure that hackers can not easily hack into a guest rooms. In addition, the new NFC-compatible locks help guests skip the check in process at the front desk and instead use their mobile phone to open their guest room doors and check themselves into the hotel.

Technology projects will be the biggest investments among hotel executives in 2013. This article focuses on the recent attention room locking technology has received and the priority hotels have placed on upgrading their locking technology. Although the security flaw is limited to one manufacturer, the impact will be felt among the entire industry. Guest safety must always be the top priority among hotel managers and staff. A guest room break in can ruin a hotels reputation in their respective community. Regardless of how the situation occurred a common perception is that the hotel was somehow at fault and guest safety is not a priority. As an industry we must always strive to create a safe environment for our guests. Upgrading our hotel locks, training staff proper safety procedures when entering and exiting guest rooms and proper check in procedures are what our guests demand of us to ensure their continued safety.

A security researcher discovered that he could unlock certain electronic key card entry devices used at millions of hotels by inserting a plug into the small port in the bottom of the key card device and unlocking the door. When he inserts the plug and turns on his device it triggers the mechanism inside that key card device and opens the door in seconds. Granted when he tested this at a conference he was only able to open 1 of 3 doors but it was still enough to show the flaw in the system. It doesn't sound likely after reading the article that there is an easy or cost effective fix to this problem because so many hotels across the world use these devices supplied by Onity. I think the lesson here is to always be vigilant in securing your valuables in any hotel room. Any time new technology is installed there is going to be someone right behind trying to hack it or find the security breaches.

Nelson, I went back and read your article, very interesting to see the follow up but I am surprised that it has taken this long to come out. I wonder if this would have been more publicised if it would have put more pressure on Onnity to fix the problem without putting financial burden on the hotel owners? I am curious now to see if my own company has been effected by this issue.

That is scary that you can think you are secure and anyone can hack the system and open your hotel room door. Now paranoid people that think they may be robbed by hotel staff, also have to think of outsiders, not even staying at the hotel. Anyone can enter hotels now a days and start opening doors like a lottery system, until they strike gold. The moral, be vigilant while on vacation, because there may also be someone eyeing your stuff. Also, if you have an in room safe use it.

It is hard to forget how thousands of Target customers financial information was compromised last year due to a breach in security of the company's POS. Target is not the only company that has been infected with this program that steals credit and debit card information. Actually, there have been more than a thousand businesses affected by this malware that has come to be called "Backoff." The malware targets POS systems and has stolen millions of credit card numbers as well as personal information on millions of customers. A large majority of cybercrime is focused on attacking business's POS systems. The malware attacks systems by going through a list of common passwords until it is able to hack the system. "Backoff" then disguises itself as a compatible Java component and collects credit card information. However, Apple has recently announced Apple Pay and many believe this can diminish a lot of cybercrime.

It is hard to forget how thousands of Target customers financial information was compromised last year due to a breach in security of the company's POS. Target is not the only company that has been infected with this program that steals credit and debit card information. Actually, there have been more than a thousand businesses affected by this malware that has come to be called "Backoff." The malware targets POS systems and has stolen millions of credit card numbers as well as personal information on millions of customers. A large majority of cybercrime is focused on attacking business's POS systems. The malware attacks systems by going through a list of common passwords until it is able to hack the system. "Backoff" then disguises itself as a compatible Java component and collects credit card information. However, Apple has recently announced Apple Pay and many believe this can diminish a lot of cybercrime.

Cloud computing has created a very hacking prone storage system because companies have not been paying as much attention to security as they should. Thus, by not taking the logical measures such as not uploading credentials to cloud storage systems, they are becoming prone to hacker raids. However, with the turning of the tide, new methods of security have presented themselves in the form of online tools such as HashiCorp's Vault Microsoft's Azure Key Vault, and Amazon's AWS Secrets Manager, which stores sensitive credentials in very limited access windows, as well as UpGaurd's BreachSight which detects online data leaks containing exposed and volatile client data, and Amazon's Amazon Macie, which learns the access patterns of your cloud storage,

This article expounds how hoteliers can ensure that their property provides a secure environment, while maintaining friendly customer service. This article goes into further detail about implementing key card access reviews in order to prevent the possibility for a criminal to gain undetectable entree to millions of keycard-protected hotel rooms. According to this article, establishing evergreen background screening protocols and controlling after hours access was also crucial in Hotels ensuring that their key card access systems are not vulnerable to hacking or unlawful access. Above all else, this article goes into great depth about maintaining an emergency response plan and team that would allow hotels to proactively implement prevention and response plans for everything from workplace violence to natural disasters.

As this week we are talking about electronic accounting systems, I found this article on the disadvantages of computerized accounting systems to be rather interesting. As mentioned in the article, many companies tend to become too reliant on computerized systems, which leads to them forgetting about the negative outcomes that may arise from using such systems. These disadvantages include high cost, from training staff to repairing/replacing the electronic systems. In addition, like any cloud-based system, a computerized accounting system can also make a company vulnerable to cyber security issues, such as hacking. Overall, while very advantageous, computerized accounting systems still have certain risks companies must address before deciding whether, or not to use them. 

I believe you found a very interesting article on electronic accounting systems. Even though the tendency is all about the positive aspects on electronic accounting systems, I enjoyed reading the perspective on this article which focuses on its drawbacks. Companies need to evaluate whether this investment is functional for them and weight the pros versus the cons. Additionally, the information on an electronic accounting system is sensitive, and it can make the company vulnerable to hacking and data breaches. These are very important points for managers to take into consideration while finding the right accounting system for them.

Some argue that the GDS is a fair system. It it does enable travel agents and clients to access travel data, make price comparisons, access special rates and book travel. The big 3 Travelport, Amaadeus, and Sabre do generate billions of dollars of global travel sales for travel providers. The fact is though that the current system is old, dating back to the 60's, has serious flaws, and can be hacked. It is also biased as travel agents bookings are swayed by the airlines they have preferred agreements with, which can skew the equation away from the traveler's best interests. Having 3 Big players with a virtual travel monopoly is not an ideal situation. Carriers are fighting back and airlines are changing strategy. Tension between airlines and the GDS caused by disputes has European airlines exploring models outside the GDS. To make the changes successful they cannot be restricted by outdated systems, old technology or financial burdens.

It discusses the high fees of the GDS and the fact that their system needs to be upgraded. Also, the challenges airlines face with paying those fees and ways the airlines are making additional revenue without having to pay fees to the GDS.

Due to the high fees some airlines were or are paying to the GDS companies, they are re-thinking their strategy to get more revenue out of the passengers, in order to mitigate the lost of revenue for not being anymore in an open GDS market like Amadeus. Amadeus knows they are the big gorilla in the market with a 44% of the share, compared to Sabre or Travelport, the other two leaders in the GDS market.

"You're probably already practicing basic online and mobile safety, but consider taking these credit card-specific measures as well: Know your merchant. When shopping online, look for sites with "https" in their web addresses (the "s" stands for "secured") and the green lock icon; make sure the URL includes the correct company's name, rather than a close-but-not-correct version; and, even on a secured site, share your information only if you know how it will be used. Type for each transaction. Never allow your credit card number to be stored on an online shopping site. Add a layer. Consider using an online payment system or mobile payment service like PayPal, Apple Pay, Samsung Pay or Android Pay to keep your credit card number out of the hands of merchants, so that if a merchant is hacked, it can't leak your account number. Watch out for public Wi-Fi. Don't shop or conduct financial transactions, including checking your accounts, using public Wi-Fi. Because it's a public network, your information can easily be viewed by anyone."

This article discusses a data breach that Ticketfly, a ticket booking online service, suffered due to hackers breaking in. Ticketfly is owned by major event booking company Eventbrite, and according to the article, Eventbrite failed to have adequate cybersecurity to prevent the breach, causing over 27 million customer information to be disclosed to the hackers. This just highlights the horrors that can happen when booking through a event registration software.

This article lists of some common security breaches that hoteliers need to be aware of and prepare the hotel system for.

This article talks about how cybersecurity can critically affect hospitality businesses if they are not careful about what ways could attack their business.

As the article states, "Protecting the identity and information of a customer is paramount to the success of any business and hotels are no exceptions." Quite unfortunately, cybersecurity issues are some of the biggest obstacles that hotels are experiencing nowadays. With hacking attacks such as phishing and ransomware, hotels need to invest in increasing their cybersecurity as any breach can lead to a downfall in business loyalty and brand.

Even though this article is from 2019 it is still extremely relevant today. POS systems are found in most hospitality outlets and the chances for a security breach are high. I have often thought when I had my credit card to a waiter and they are gone for 10 minutes are they copying the number, is it being added to a database that can then be hacked? The importance of having the proper securities in place, the proper malware and security software is really important. Having had a catering company for 20 years I had to do PCI compliance tests every 6 months and for years I just handed it over to my IT to do the test. He would suggest things to make us safer and since it usually cost money I would shake it off. It wasnt until the credit card processing company i was using had a security breach that I realized how important these PCI rules were. It is something going forward I will always pay attention to!

According to the article, two Romanian nationals have plead guilty for participating in an international, multimillion-dollar scheme to remotely hack into and steal payment card data from hundreds of U.S. merchants' computers, including a great number of Subway restaurants. The reality is that anyone with an Internet connection can search for, identify and target remote applications that businesses rely on. This case is a warning to operators utilizing POS systems to shore up their security by taking steps to make their accounts more difficult to breach and therefore less attractive hackers.

This article discusses the security issues with restaurants using remote desktop applications that are easily accessed by hackers trying to steal stored credit card information. The relative simplicity in which these hackers were able to steal the numbers should pose a real concern for restaurant owners in making sure their systems are properly secure from theft. They were able to crack simple password protected applications to gain access to private information. These remote applications used by restaurants are a not provided with enough security and therefore are easy targets for hackers.