Subscribe
FREE EBOOK
Valid Email Required to receive free eBookSecurity Tips
Browse by Month
Browse by Category
Browse by Category
0
Published: Jul 15, 2010
Tags: just ask gemalto
Tags: just ask gemalto
Personally, I don’t particularly enjoy staying in hotels. Sure, after a long day of travel, the hotel is a relief, but in most cases, I’d much rather sleep in my own bed. Criminal hackers, on the other hand, love hotels.
According to a recent study, 38% of all credit card breaches occur in hotels. Despite several high profile breaches that recently affected payment processors and banks, the financial services industry only accounts for 19% of breaches. Retailers came in third at 14%, and restaurants fourth at 13%.
Over the past five years or so, I’ve noticed a trend in which criminals go after the most likely targets, and those victims beef up their defenses in response. So the bad guys move on to the next most likely target – one that hasn’t learned from others’ mistakes.
Hotels are easy targets because they are all credit card-based. It is possible to reserve a room without providing a credit card number, but they don’t make it easy. And hotels themselves certainly aren’t fortresses designed to keep bad guys out. They’re designed to be open and inviting, with, at best, a bellman whose focus is assisting guests rather than guarding the front door. Maybe that mentality exists in hotels’ IT security departments, too.
The root of the issue is the hotel industry’s insufficient security measures to prevent data breaches. Many rely on older point of sale terminals and outdated operating systems, which are more vulnerable to hackers. When the recession hit, many hotels cut back and decided to hold off on upgrades. While their defenses were down, hackers slithered into their networks to steal guests’ personal financial data. Once thieves have accessed this data, they can clone cards with the stolen numbers and use them to make unauthorized charges.
As a consumer, your only recourse is to pay close attention to every single penny charged to your credit card, and dispute any fraudulent or incorrect transactions, no matter how small. Check your statements frequently and be sure to dispute all unauthorized charges within two billing cycles, or 60 days.
Canada and Mexico have adopted smart cards, which use “chip and PIN” technology, making the credit card data useless to potential identity thieves. Eventually we may see the adoption of smart cards in the U.S., which would put an end to this madness.
Robert Siciliano, personal security adviser to Just Ask Gemalto, discusses hackers hacking hotels on CNBC. (Disclosures)
About the Author
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
Similar Posts
- Hackers Target Small Business
Big companies and big government get big press when their data is breached. And when a big company is hit, those whose accounts have been compromised are often notified. With smaller businesses, however, victims are often left in the dark, regardless of the various state laws requiring notification. One reason for this is that smaller businesses - Card Not Present Fraud Burdens eTailers
More than 90% of online purchases are made with cards, whether they are credit, debit, or gift cards. A virtual payment that takes place online or over the phone, without physical inspection of the card, is considered a “card not present” or CNP transaction. In a CNP transaction, it is not possible to examine - Why You Need to Pay Attention to Credit Card Statements
Despite what silly James Bond-esque credit card commercials may imply, credit card companies don’t really protect you to the degree you expect. If a credit card company detects irregular spending on your credit card, they may freeze your account or call to verify your identity. While these measures do help secure your card to an - Banks and Credit Card Issuers Move Toward Chip and PIN
EMV, which stands for Europay, MasterCard, and Visa, refers to the chip and PIN credit card technology commonly used in Europe and elsewhere around the world. Credit cards that incorporate an embedded microprocessor chip are far more secure than any other form of credit card currently available, including the standard magnetic striped cards that are - Credit Card Data Breaches Cost Big Bucks
Javelin Strategy & Research estimates that credit and debit card issuers spent $252.7 million in 2009 replacing more than 70 million cards compromised by data breaches. In 2009, an estimated 39 million debit cards and 33.3 million credit cards were reissued due to data breaches, for a total of 72.2 million. An estimated 20% of those