CBS News reported that hackers target hotels because they are easy prey and it can take a long time--on average, about five months--until hackers are discovered. It is estimated that security breaches in the hospitality industry are higher than even the financial services or retail sectors.
According to Hotelnewsnow.com, Hotel-online.com, and various hotel news portals providing news for the hospitality executives, it is widely acknowledged that hotels of all sizes face a storm of factors making them vulnerable to breaches. What it really comes down to it is most hotels do not have data security as a priority. Let’s discuss some of the important factors provided by Hotel-online.com in the article “9 Ways To Avoid The Next Data Breach.”
First, guests provide personal information through multiple channels. These include hotel websites, online websites (e.g. Orbitz, Hotels.com, Kayak or Travelocity), phone calls, postal mail, email, and face-to-face interactions with the concierge. Each channel of personal information is a potential source of a data breach and must be individually protected.
Second, hotel managers, third parties, credit card processors, and employees often have access to a wide range of guests’ personal information. Guest credit card numbers that have been emailed to employees can remain on mail and backup servers for years. Negligent or even well-meaning employees may save an Excel spreadsheet containing guests’ home addresses and loyalty program information and forget about it. Each piece of forgotten data is a breach waiting to happen.
Third, many hotels and motels today offer computers for guest use, leaving not only the hotel/motel network (usually connected) but also standalone computers extremely vulnerable to hackers, viruses and most importantly, hidden customer data that can be stored within the bits and bytes of computer hard drives.
Furthermore, the popularity of hotels offering WiFi through unsecured wireless networks have proven to be ideal places for hackers to commit a wide variety of crimes including hacking into the hotel's credit card system. Hackers staying at hotels or parked nearby have exploited the anonymity of hotel wireless networks overall to conduct their hacking fiascos.