Category Archives: Crime

by | November 2, 2012 · 6:48 am

Hospitality Industry Legal Risks: "Data Breach Class-Action Lawsuits" Are Increasing As Judges Widen View To Include "Future Damages"; Average Settlements Of $2500 Per Plaintiff

“…Until a couple of years ago, courts would routinely dismiss lawsuits stemming from data breaches, such as the latest in South Carolina, unless the victims could show specific damages. Judges have since widened their view and are awarding class-action status to lawsuits that can show actual damages or a real possibility of future damages…”

The payout for companies on the losing side of a class-action suit can be substantial. A recent survey of data breach litigation found the average settlement award of $2,500 per plaintiff, with mean attorney fees reaching $1.2 million, according to a study by Temple University Beasley School of Law.

How federal courts define the damages people suffer from data breaches is broadening dramatically, leaving unprepared companies at greater risk of big payouts in class-action lawsuits, lawyers from a prominent law firm say.

Jeffrey Vagle, a lawyer with Pepper Hamilton, described as a “sea change” judges’ thinking. “Courts are starting to pick up on the fact that the data that can get out there can cause serious harm, maybe not immediately, but sometime in the near future,” Vagle said.

Examples include a case in which a laptop containing unencrypted personal data of Starbucks employees was stolen. While there was no evidence that the data was misused, the Ninth Circuit Court ruled in 2010 that the risk alone was enough to warrant a lawsuit, Vagle and colleague Sharon Klein said in a Client Alert published on the law firm’s website.

Data breaches have become a fairly common occurrence among companies of all sizes. Last year, 174 million data records were loss in 855 separate incidents, according to a recent report from Verizon. A 2011 Ponemon Institute survey of 583 IT and IT security professionals in the U.S. found that 90 percent of the organizations they represented had suffered at least one data breach.

To lessen potential damages, Pepper Hamilton recommends beefing up technical and physical security wherever possible. While no technology is 100% hacker proof, courts tend to compare what a company has in place to what is considered best practices for businesses of the same size and in the same industry. Taking all reasonable steps to prevent data theft can lessen damages.

Also, information shouldn’t be linked to individuals, unless absolutely necessary, and a notification policy needs to be in place, so people affected by data breaches are warned as quickly as possible.

A bill pending in Congress would set a national standard for data breach notification, replacing the variety of state laws that exist today. Introduced in June, the Data Security and Breach Notification Act would also set maximum damages and define what is considered a breach.

Irrespective of the bill’s fate, companies need to establish clear policies and procedures for handling data breaches when they occur. Klein recommends a dry run to ensure that everyone understands the steps that need to be taken.

“Many companies still believe that it only happens to the other guy,” Klein said. “And because of that, [they] have not done the blocking and tackling and preventative work upfront.”

For more:  http://m.csoonline.com/article/720128/courts-widening-view-of-data-breach-damages-lawyers-say?goback=.gde_922967_member_180838402

Comments Off on Hospitality Industry Legal Risks: "Data Breach Class-Action Lawsuits" Are Increasing As Judges Widen View To Include "Future Damages"; Average Settlements Of $2500 Per Plaintiff

Filed under Claims, Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , ,

by | October 29, 2012 · 7:00 am

Hospitality Industry Information Security Risks: Report Shows "Computer Password Theft" Has Increased Dramatically As Users Fail To Make Complex Passwords; Cybercrime Now Totals $110 Billion Annually

“…Only about half of computer users make complex passwords for themselves…In the first six months of 2012 alone, hackers stole over 30 million passwords on hacks of just three online services: eHarmony, Zappos and lawyer-friendly LinkedIn. Another recent survey, unconnected to the Norton survey, concurrently found that password theft is up 300 percent in 2012…”

The 2012 Norton Cybercrime Report is now out and it points to an incomprehensible laziness on the part of American computer users when it comes to using passwords.

According to this report, nearly three-quarters of adults have been the victim of a cybercrime (averaging a little under $300 per incident), totaling over 70 million people. The worldwide annual total of cybercrime is estimated at $110 billion.

That is coupled with two other problems: people use the same password for multiple functions, and people use passwords that are, in and of themselves, too simple.

The Norton survey was conducted with 13,000 adults in 24 countries. It found that nearly half of those responding do not use a password that combines phrases, letters, numbers, capitalized letters, lower case letters and symbols, which create complex passwords that are far more difficult to hack than passwords that do not have those things.

The survey showed that nearly a third of all respondents have been notified by an email service, social network, or bank to change their passwords. The bank figure—13 percent––is particularly alarming, implying that nearly one in eight people have had their bank account passwords compromised.

Seventeen percent of people store passwords to other accounts inside another password-protected account. Once one password is stolen, the keys to those other accounts are included.

More? A report out the last week of September found that one in 10 people had “1-2-3-4” as their four digit password. My guess is that a substantial number also have “1-1-1-1” and “0-0-0-0” as well.

For more:  http://www.akronlegalnews.com/editorial/5202

Comments Off on Hospitality Industry Information Security Risks: Report Shows "Computer Password Theft" Has Increased Dramatically As Users Fail To Make Complex Passwords; Cybercrime Now Totals $110 Billion Annually

Filed under Crime, Guest Issues, Insurance, Maintenance, Management And Ownership, Risk Management

Tagged as , , , , ,

by | October 23, 2012 · 6:32 am

Hospitality Industry Property Risks: North Carolina Hotel Suffers Extensive Water Damage After "Prank Phone Call" Causes Guest To Activate Fire Sprinkler

“…The caller told the guest who answered to activate the fire sprinkler in the room because there was a gas leak. After the guest followed the directions, the caller hung up…”

For the second time this year, a Leland hotel has suffered extensive damage because of a prank phone call. Leland Police say early Sunday morning, someone called the front desk of the Best Western off US 17 and asked to be transferred to a room.

The same thing happened to another guest in the hotel back in May. That prank flooded the first two floors of the hotel and caused thousands of dollars in damage.

Leland Police detectives believe this prank may be only one of many nationwide, as was the case back in the spring. Detectives are investigating any and all leads and plan on possible collaboration with federal officials to aid in this investigation.

For more:  http://www.wwaytv3.com/2012/10/22/leland-hotel-damaged-prank-call-for-second-time

Comments Off on Hospitality Industry Property Risks: North Carolina Hotel Suffers Extensive Water Damage After "Prank Phone Call" Causes Guest To Activate Fire Sprinkler

Filed under Crime, Guest Issues, Insurance, Liability, Maintenance, Management And Ownership, Risk Management, Training

Tagged as , , , , ,

by | October 7, 2012 · 1:14 pm

Hospitality Industry Information Security Risks: Hotel's Guest's Credit Cards Are Targets For "Identity Thiefs" From "Mulitple Charges" During Stay

“…hotels have lots of employees — and many of them have access to the credit card and other personal information of guests. No matter how well trained and supervised, more personnel correlates to greater risk. The fact that low-level employees typically have access to key guest information, and that there is, historically, a high turnover in hotel employees, exacerbates the problem…”

Hotels are obvious targets for identity and financial theft for many reasons. Hotels transact business through credit cards, and those credit cards are kept on file and can be accessed multiple times during a guest’s stay. The possibility that a credit card charge will be recorded occurs with each night’s room charge, room service, bar or restaurant bill, spa charge, and so on. Every charge is another opportunity for an identity thief to access the information using sophisticated computer hacks and other malicious software, generally without the hotel’s knowledge.

The need to respond to guest demands is another source of insecurity. The Identity Theft Resource Center noted, “The ability to connect to the Internet is an integral part of many individuals daily life. This has led to the increased demand for public WiFi.” As a result, hotels find themselves compelled to offer wireless internet, and that service is almost always unsecured. But an unsecured wireless network is “just as dangerous as leaving files of your most important personal documents on a street curb for all to see. Hackers can easily get into an unsecured wireless network and get financial information, business records or sensitive e-mails.” (PC World, “Got Wireless Security”, http://www.pcworld.com/article/125040/got_wireless_security.html). At the same time, hotels have little say in the matter. Guests demand wireless internet service.

Some security researchers have described a wave of attacks against the hospitality industry. In 2010, the cybersecurity consultant Trustwave found that in 38% of its investigations, hotels and resorts were the victims of successful cyber intrusions, despite those firms only representing 3% of its customers.  Hotels represent a disproportionate number of security breaches.

For more:  http://hotellaw.jmbm.com/2012/10/liability_for_guest_information_.html

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , ,

by | October 4, 2012 · 6:29 am

Hospitality Industry Security Risks: Hotel "Electronic Room Locks" Opened With "Hacking Device" Tool Disguised As "Dry Erase Marker" (Video)

[youtube=http://www.youtube.com/watch?v=QyN-8CeNSZg]

A trio of hackers have built a tool that appears to be an innocent dry erase marker, but when inserted into the port on the bottom of a common form of hotel room keycard lock triggers the lock’s open mechanism in a fraction of a second.

The security researchers who spend their days breaking into clients’ systems to find and fix security vulnerabilities often call themselves “penetration testers,” or “pentesters.” But one group of hotel lock hackers just gave the term “pentest” a very different meaning.

The inconspicuous lock hacking device is an adaption of one demonstrated at the Black Hat security conference in July by Cody Brocious, a hacker and software developer for Mozilla, who discovered and exploited a vulnerability in Onity locks, a cheap and popular hotel room lock that the company says are used on at least four million hotel rooms worldwide. Through the port on the bottom of the lock intended for a device that hotels can use to set master keys, Brocious found he was able to read the lock’s memory, including a decryption key stored on the locks that gave him access to their opening mechanism.

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , ,

by | October 3, 2012 · 6:33 am

Hospitality Industry Crime Risks: South Dakota Restaurants Report $6,000 In "Bathroom Piping" Thefts

“…two men, one with a black backpack, were caught on surveillance standing next to the restroom Monday at the Russell Street and Minnesota Avenue restaurant…when a worker checked the restroom soon after, the toilet piping was missing…”

A local fast-food chain is out $6,000 after five of its restaurants were hit by a recent string of thefts of toilet piping in Sioux Falls. Five of the 11 local Burger King restaurants have reported thefts from men’s restrooms since Thursday. The most recent was Monday. Mike Leslie, director of operations for the local Burger King cooperate office, said the suspects might be caught on surveillance.

Police spokesman Sam Clemens said Monday’s two reports push the amount of restroom thefts to 14 since Thursday. Monday’s other theft was from the Ramkota Hotel in northwestern Sioux Falls. A public restroom was hit in the hotel, Clemens said.

Leslie said he has shared surveillance with police.

For more: http://www.argusleader.com/article/20121003/NEWS/310030051/Restaurant-chain-reports-6-000-lost-bathroom-thefts

Comments Off on Hospitality Industry Crime Risks: South Dakota Restaurants Report $6,000 In "Bathroom Piping" Thefts

Filed under Crime, Insurance, Maintenance, Management And Ownership, Theft

Tagged as , , , ,

by | September 26, 2012 · 6:17 am

Hospitality Industry Crime Risks: "Strong Smell" Leads Police To Meth Lab In Florida Motel Room

“…It’s  a huge public safety issue. The chemicals involved are volatile, can be volatile especially when mixed together. People that don’t know what they’re doing, even people who are experienced at cooking, still cause fires, explosions…”

Two men are accused of setting up a meth lab in a Tallahassee motel. It happened at the Super 8 motel on North Monroe Street.  Deputies say a tip led them to room 229 and the strong smell led them to a meth lab inside.

Jack Peppers and Kevin Smith – both of Thomasville – are accused of trafficking in meth, manufacturing meth and having the ingredients to make more. Deputies say one batch of the meth was ready and divided up for use.  Another batch, they say, was being chemically cooked upstairs.

“The dry product, we had about 16 grams which is worth about $1600 on the street which is pretty significant for what they consider a small lab,” said SGT Ed Cook with LCSO’s Vice and Narcotics Unit. “They also had another 500 grams of product that was still cooking.”

Deputies had to ventilate the room for hours before going inside to clean it up.  They say all of the adjoining rooms were vacant so they did not have to evacuate any other motel guests.

For more:  http://www.wctv.tv/news/headlines/Meth-Bust-at-Tallahassee-Motel-171177501.html

Comments Off on Hospitality Industry Crime Risks: "Strong Smell" Leads Police To Meth Lab In Florida Motel Room

Filed under Crime, Guest Issues, Health, Liability, Maintenance, Management And Ownership

Tagged as , , , ,

by | September 12, 2012 · 6:09 am

Hospitality Industry Legal Risks: Kansas Hotel Owners Indicted For Hiring "Undocumented Workers And Paying Them In Cash"; Government Seeks "Forfeiture Of Properties"

“…the (hotel owners) are charged with one count of conspiracy to harbor  undocumented workers for personal gain, five counts of harboring  undocumented workers for personal gain and four counts of wire fraud…The government is seeking to forfeit the proceeds of the crimes, including the two hotels the couple own. The government would seize the properties and then sell them, gaining money for taxpayers. The couple failed to pay the government the payroll taxes that they should have…”

The owners of two Kansas City-area Clarion hotels have been indicted on charges of knowingly hiring undocumented workers who were paid less than other employees. Munir Ahmad Chaudary, 51, and his wife, Rhonda R. Bridge, 40, both of Overland Park, own the Clarion Hotel at 7000 W. 108th St. in Overland Park and the Clarion Hotel at 11828 NW Plaza Circle near the Kansas City International Airport.

Both pleaded not guilty on Tuesday. U.S. Attorney Barry Grissom said the grand jury’s indictment alleges Chaudary and Bridge knew they were hiring undocumented workers to serve as housekeepers. This gave them a competitive advantage over law-abiding hotel owners, Grissom said.

“They paid the undocumented workers less and they paid them in cash. Their economic motive was to cut their costs and to get an advantage on other hotels that abided by the law,” Grissom said.

“This prosecution is aimed at unscrupulous employers who are a driving force behind illegal immigration,” Grissom said. “We’re going to go after people who are hiring them.”

The indictment alleges that in December 2011 investigators from DHS Homeland Security Investigations and the Kansas Department of Revenue received information that the two hotels were employing undocumented workers.

Investigators interviewed hotel employees and found out that most of them were illegally in the United States.

In June 2012, an undercover agent took a job as a housekeeper at the Clarion hotel in Overland Park, Grissom said.

The agent made it clear to Chaudary and Bridge when he was hired that he was unlawfully in the United States and had no documents allowing him to be employed, according to the indictment.

For more: http://www.kctv5.com/story/19512719/us-attorney-barry-grissom-holds-news-conference

Comments Off on Hospitality Industry Legal Risks: Kansas Hotel Owners Indicted For Hiring "Undocumented Workers And Paying Them In Cash"; Government Seeks "Forfeiture Of Properties"

Filed under Crime, Insurance, Liability, Management And Ownership, Risk Management, Training

Tagged as , , , , , ,

by | September 9, 2012 · 7:47 am

Hospitality Industry Crime Risks: California Hotels Victimized By Armed Robbery Suspects Who Would "Climb Over Front Counter And Steal Cash Drawer"

“…Surveillance video caught a recent hotel robbery…a suspect, with a handgun, climbs over the counter and steals the cash drawer.  In other cases, the crime turns violent…one hotel worker was punched in the face…”

Five suspects are in custody inNorthern California for crimes that may be tied to a string of robberies in theCentral Valley.  Two suspects are adults, three are juveniles.  Jamaul and Justina Baker, one 15-year-old and two 14-year-olds were arrested Wednesday night after allegedly robbing a hotel and convenience store inPlacerCounty.

Most of the victims up and down the state had similar stories.  A trio of masked robbers march into hotels and demand money.  Sometimes they become violent.  Eight hotels in the Central Valley and over a dozen in the state were hit.  Now the crime spree appears to be over.

In less than a week, robbers hit eight hotels and motels in the Central Valley:  Two in Fresno off the 99, then down the freeway to Selma and Kingsburg.  Over to the I-5, places in Coalinga, Firebaugh, Santa Nella and Patterson are robbed.

For more:  http://www.cbs47.tv/news/local/story/Hotel-robbery-suspects-caught/ATAsl2HFE0O57_ClJj62Ag.cspx

Comments Off on Hospitality Industry Crime Risks: California Hotels Victimized By Armed Robbery Suspects Who Would "Climb Over Front Counter And Steal Cash Drawer"

Filed under Crime, Injuries, Labor Issues, Management And Ownership, Risk Management, Theft

Tagged as , , , , , ,

by | September 8, 2012 · 6:10 am

Hospitality Industry Employee Risks: Restaurant Owners Use "Written Integrity Tests" To Limit High Costs Of "Employee Theft And Drug Use"

“…restaurant  owners  must address ethical issues when evaluating job applicants for  employment.  Historically, employers have relied upon reference checks,  criminal background checks and interviews to address these issues…now a growing number of restaurant owners use written integrity testing  to improve their  ability to screen  out high risk job  applicants…”

Employee theft and other forms of counterproductivity are highly significant  factors in determining the success of restaurants.  While employers tend to  have some awareness of the frequency with which employees engage in theft, drug  use and other counterproductive behaviors, the following research findings are  helpful in providing an objective  perspective of  how  frequently  these problematic behaviors occur:

  • The National Restaurant Association recently reported that the cost of  employee theft for its members is $8.5 billion annually or approximately 4  percent of food sales.
  • A study released in 2007 by the U.S. Substance Abuse and Mental Health  Administration indicated that the highest rate of illicit drug use occurs among  restaurant workers. A whopping 17 percent admitted to illegal drug use in the  last month.

Extensive research documents that integrity tests are good predictors of  whether an individual will engage in various forms of workplace  counterproductivity (e.g., theft, illegal drug use).  Also, these  assessments do not adversely impact minority candidates, which is a major  downside to criminal background checks.  Further, integrity tests are  relatively inexpensive and can be easily administered online. As a result, high  risk applicants can be screened from contention before wasting time and money on  interviews, criminal background checks and reference checks.

Read more at  http://www.business2community.com/human-resources/screening-job-applicants-to-minimize-employee-theft-and-other-forms-of-counterproductivity-in-the-restaurant-industry-0274014#MbysIc4cypbhdqY1.99

Comments Off on Hospitality Industry Employee Risks: Restaurant Owners Use "Written Integrity Tests" To Limit High Costs Of "Employee Theft And Drug Use"

Filed under Crime, Insurance, Labor Issues, Liability, Management And Ownership, Risk Management, Theft, Training

Tagged as , , , , , , , ,