Category Archives: Crime

Hotel Industry Credit Card Security Risks: Major Hotel Industry Associations Issue "Joint Statements" On Actions To Prevent Cyber-Crime

 Three major hotel industry associations, including the American Hotel & Lodging Association (AH&LA), Hotel Technology Next Generation (HTNG), and Hospitality Financial and Technology Professionals (HFTP) today issued the following joint statement to hotels regarding organized cyber crime attacks on credit card data. It identifies actions that hotels — and not their system vendors — need to take immediately in order to minimize their vulnerabilities and to avoid the potential for hundreds of thousands of dollars in costs and fines that typically result when just a single hotel system is breached.

  • Cyber criminals are systematically attacking systems that store credit card data
  • Criminal organizations are highly structured and integrated with the world’s organized crime rings
  • Attacks on hotels are highly targeted and effective
  • Many hoteliers believe they are not vulnerable because they use Point-of-Sale and Property Management Systems that have been validated as conforming to the latest PCI security standards.
  • The most important security measures are those that keep cyber criminals from getting inside the hotel network in the first place
  • Once inside, there are many ways for them to steal the data, even if the PMS or POS system itself is secure.

The three actions are:

  1. Eliminate EVERY default password on EVERY machine on your network — server, workstation, router, firewall, and any other device that has a password.
  2. Eliminate holes in remote access to systems inside your network
  3. Get a firewall and configure it properly. Operating without an Internet firewall is just as risky. Yet many hotels, especially smaller ones, don’t have a firewall

For more:  http://www.hospitalitynet.org/news/154000320/4050609.html

Comments Off on Hotel Industry Credit Card Security Risks: Major Hotel Industry Associations Issue "Joint Statements" On Actions To Prevent Cyber-Crime

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Training

Hotel Industry Employee Risks: New York Hotel Employee Convicted Of Raping Guest And Civil Suit Seeks Damages For "Negligent Hiring, Supervision And Training"

A tourist filed a suit on Monday against a New York hotel where she was raped by an employee.

Her Manhattan federal court suit is seeking unspecified damages from the corporate parent company Surrey Hotel Associates for the allegedly negligent hiring, supervision and training of Jaime Marin Lopez Mendoza.

The victim’s holiday nightmare happened two days after Christmas in 2009. She was attacked at about 3am while sleeping in her room in the Dream Hotel on West 55th Street. He was convicted of first-degree rape in January and received a 15 year prison sentence.

Mendoza struck after helping the stumbling woman and her boyfriend into their room following a night of drinking, the New York Post reports. He ran off when she awoke to find him on top of her.

Manhattan Supreme Court Justice Jill Konviser described the attack as the ‘ultimate example of depravity,’ adding: ‘This crime was not only violent and calculated, but it was a master class in cowardice.’ The victim, who comes from Rhode Island, did not go to the sentencing but wrote a letter which was read out in court.

Read more: http://www.dailymail.co.uk/news/article-1366522/Tourist-sues-New-Yorks-Dream-Hotel-employee-raped-her.html#ixzz1GiAlQ223

2 Comments

Filed under Claims, Crime, Guest Issues, Labor Issues, Management And Ownership, Risk Management

Hospitality Industry Security Risks: Hotel Employee "Erroneously" Gives Room Key To Man Who Is Charged With Child Molestation And Assault

Allegedly, the suspect was not a registered guest at the hotel but was staying with a registered guest. He approached a front desk clerk and stated that he did not have his room key and therefore needed a replacement key.

On top of that, the suspect stated to the clerk which room that he was staying in, and … the clerk did not bother to check the suspect’s identfication against the stated room number.

According to KMOV-News, An intoxicated adult male, Daniel T. Hughes, 42, had asked for a room key at the Ritz Carlton Hotel and was not only given the wrong room key, but climbed into bed with a 9-year old child.

The child’s parents were asleep in an ajoined room. At this time. the Clayton Police Department, do not believe that the suspect had any prediposed motives leading up to the assault, however, he was arrested, charged, and being held on bail. The incident occurred early Sunday evening around 4:00 a.m.

For more:  http://www.examiner.com/offender-awareness-in-st-louis/error-judgment-by-ritz-carlton-employee-leads-to-child-molestation

Comments Off on Hospitality Industry Security Risks: Hotel Employee "Erroneously" Gives Room Key To Man Who Is Charged With Child Molestation And Assault

Filed under Crime, Guest Issues, Labor Issues, Management And Ownership, Risk Management, Training

Hospitality Industry Information Security Risks: "Electronic Pickpocketing" Allows Criminals To Steal Credit And Debit Cards Containing RFID Technology

“…criminals can steal credit cards, debit cards, passports and other valuable information…This crime is referred to as “electronic pickpocketing”.  The technology used to perform this type of theft is called radio frequency identification or “RFID”….

Hundreds of millions of credit cards, debit cards and all passports issued since 2006 are embedded with a radio frequency identification chip—or RFID.  RFID chips are also commonly used in hotel keys, cards that raise gates in parking garages and unlock doors at businesses.  Government, military and port of entry ID cards are also vulnerable to this type of theft.  You need only swipe the card in front of a reader.  The RFID chip is always on, making consumers more susceptible to identity theft. 

Thieves can steal this information by using a frequency reader.  These readers are inexpensive and easy to obtain.  The thief can simply walk next to you and acquire your credit card number and expiration date without any physical contact. While these cards are in your wallet or purse they can transmit your card or passport number and in some states, your digital drivers’ license information when placed near a reader.  The information almost immediately appears on a computer screen without you ever knowing about it.  Apparently U.S. passports are more difficult to read than cards with RFID chips because they require a password.  However, hackers with enough knowledge can see everything on the passport’s front page.   A thief can be long gone before the consumer ever realizes his information has been stolen.  This is “electronic pickpocketing”.

For more: http://www.ktnv.com/story/14225766/consumers-beware-of-electronic-pickpocketing

Comments Off on Hospitality Industry Information Security Risks: "Electronic Pickpocketing" Allows Criminals To Steal Credit And Debit Cards Containing RFID Technology

Filed under Crime, Guest Issues, Insurance, Liability, Maintenance, Management And Ownership, Risk Management, Theft

Hospitality Industry Guest Parking Risks: Keys Stolen From "Unattended" Valet Box At Atlanta Restaurant Result In 2 Stolen Cars And Personal Property

 Several sets of car’s keys were taken from an unlocked and unattended valet box near the trendy diner. Another car owner had his 2010 Audi stolen.

The owner of the valet company, Pro Park, said his insurance will cover costs of the stolen cars and replacing all the victims’ keys. 

  ‘It’s pretty brazen to go after them in the view of everyone.’

At a restaurant in Atlanta where a thief took car keys from an unlocked valet box and drove off with a Mercedes which had the ashes of the owner's dead father inside

 

A thief drove off with a car which had the ashes of the owner’s dead father inside the vehicle. Michael Doane’s father died the week before in a car accident and he had planned on scattering the ashes the next day with his family.

The 45-year-old’s Mercedes was parked right in front of  Murphy’s Restaurant in Atlanta’s Virginia Highland area when the cheeky thief struck. Madison Burnett told WSB-TV: ‘It’s pretty brazen to go after them in the view of everyone.’

Restaurant owner Tom Murphy said: ‘This is a tragic situation where a valet company who we subcontracted made a horrific mistake.

‘It is just heartbreaking that this occurred and our prayers go out to this family.  Hopefully the media recognition will greatly assist on the car being found as soon as possible.’

Read more: http://www.dailymail.co.uk/news/article-1359936/Thief-drives-ashes-car-owners-dead-father.html#ixzz1G70BlETl

Comments Off on Hospitality Industry Guest Parking Risks: Keys Stolen From "Unattended" Valet Box At Atlanta Restaurant Result In 2 Stolen Cars And Personal Property

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Theft

Hospitality Industry Information Technology (IT) Risks: "Network Security and Privacy Liability" Insurance Is Available To Protect First-Party Risks And Third-Party Liability Involved In Cyber-Crime

“…Network Security and Privacy Liability policies are generally designed to address first-party risks and third-party liability–sometimes in the same policies, sometimes separately…”

“…first-party losses. These might include business interruption, which could be caused by a flood or fire in a data center, or malicious hacking by a disgruntled employee or even a cyber-crook half a world away...”

There is also the risk of being sued by third parties for somehow allowing–or failing to prevent–unauthorized access to sensitive information.

When IT goes down, business screeches to a halt. Indeed, for businesses such as online retailers, brokerages and some financial firms, the IT and data assets are the entire business–every bit as critical as the factory and warehouse are to the hard-goods manufacturer, or the vehicle fleet to a trucking company.

As more and more companies–and their insurers–are realizing, this reliance on IT creates a hornet’s nest of risks that can result in crippling losses that conventional, turn-of-the-century P&C insurance coverages won’t respond to. These new issues call for a new category of coverage.

Perhaps even more ominous are the all-new liability exposures inherent in IT operations. A raft of relatively new regulations and legislation makes companies responsible for safeguarding personal and confidential data they collect as part of everyday e-commerce operations.

Companies are liable for customer credit card numbers, financial transactions, medical history, credit information and other sensitive data.

For more:  http://www.propertycasualty360.com/2010/03/15/cyber-coverage-the-new-must-have-in-the-property#

Comments Off on Hospitality Industry Information Technology (IT) Risks: "Network Security and Privacy Liability" Insurance Is Available To Protect First-Party Risks And Third-Party Liability Involved In Cyber-Crime

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology

Hospitality Industry Employee Theft: Delaware Hotel Accounting Manager Arrested For Cash Thefts And Falsifying Business Records

Detectives with the Division of Gaming Enforcement arrested 53-year-old Andrew McCoy of Smyrna on Tuesday. He is charged with theft and falsifying business records.

  • An employee theft is any intentional misappropriation of employer property, e.g., inventory, fixed assets, currency checks, or trade secrets.
  • It can include fraud (intentionally misleading the employer), embezzlement (theft of corporate funds) or forgery (altered negotiable instruments).
  • It can be as straightforward as a theft of petty cash or as complex as a misappropriation scheme detectable only in an audit.
  • It can be the isolated act of a single low-level employee or a complex scheme involving a trusted senior employee.

Authorities say the former director of hotel accounting at Dover Downs has been arrested in connection with cash thefts from the hotel. Dover Downs CEO Denis McGlynn tells The News Journal of Wilmington that McCoy was fired in February after evidence was found of internal thefts. McGlynn says the thefts, believed to have totaled between $20,000 and $25,000, involved small cash transactions.

For more:  http://www.therepublic.com/view/story/ac67083ec0e54c05a592be7577a39914/DE–Dover_Downs-Theft/#

Comments Off on Hospitality Industry Employee Theft: Delaware Hotel Accounting Manager Arrested For Cash Thefts And Falsifying Business Records

Filed under Claims, Crime, Insurance, Labor Issues, Management And Ownership, Risk Management, Theft

Hospitality Industry Information Security: British Courts Jail Operators Of World's Largest Internet Crime "Forum" Which Provided "Hacking Software" And Credit Card Theft Instructions

The site contained manuals such as “14 ways of hacking credit cards” and “running cards on eBay” and information on staying anonymous. It sold hacking software and instructions on how to manufacture crystal meth and explosives.

Nicholas Webber, who masterminded the criminal website Ghostmarket.net, has been jailed for five years.

Three teenagers who founded and operated one of the world’s largest English-language internet crime forums, described in court as “Crimebook”, have been sentenced to up to five years in custody. Police estimate that losses from the thousands of credit details traded over the site, Gh0stMarket.net, amount to £16.2m. The web forum, which had 8,000 members worldwide, has been linked to hundreds of thousands of pounds of registered losses on 65,000 bank accounts.

Nicholas Webber, the site’s owner and founder, was arrested in October 2009 with the site’s administrator, Ryan Thomas, after trying to pay a £1,000 hotel bill using stolen card details. They were then 18 and 17. Webber was jailed for five years on Wednesday and Thomas for four years.

After seizing Webber’s laptop, police discovered details of 100,000 stolen credit cards and a trail back to the Gh0stMarket website. Webber and Thomas jumped bail that December, fleeing to Majorca, but were rearrested when they flew back to Gatwick airport on 31 January 2010.

Southwark crown court was told how public-school-educated Webber, the son of a former Guernsey politician, was using an offshore bank account in Costa Rica to process funds from the frauds. After his initial arrest, Webber threatened on a forum to blow up the head of the police e-crimes unit in retaliation, and used his hacking skills to trace officers’ addresses.

For more:  http://www.guardian.co.uk/uk/2011/mar/02/ghostmarket-web-scam-teenagers

Comments Off on Hospitality Industry Information Security: British Courts Jail Operators Of World's Largest Internet Crime "Forum" Which Provided "Hacking Software" And Credit Card Theft Instructions

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Technology, Theft

Hotel Industry Crime Risks: Missouri Hotel "Disruptive Party Room" Turns Into Multiple Murder Crime Scene

At 3:19 a.m., a caller told a dispatcher that there was a large group of people and a “disturbance” inside a second-floor room at the Red Roof Inn.

Authorities have identified the three men who were killed in a shooting early Saturday at a party inside a Northland hotel room. Investigators have not determined what prompted the shootings that occurred early Saturday at the Red Roof Inn near Interstate 435 at Missouri 210.

Joksimovic and Hamidovic died at the scene. Elizondo died early today at a hospital after he was taken off of life support.

Marcus Regan, Metro Squad spokesman, said it remained unclear what happened. There were about 15 people inside the second-floor hotel room. Something went wrong during the party and several gunshots were fired, Regan said.

Investigators continue to look for witnesses, he said. Relatives of Joksimovic declined to speak, but through a family interpreter, his mother said her son was a good kid. The family had moved to the area about two years ago. North Kansas City school officials said Joksimovic, who is of Serbian descent, attended North Kansas City High School and was on track to graduate this spring.

Authorities said that the party had been disruptive while in Independence. Twice their revelry had triggered noise complaints that attracted police.

Investigators did not immediately know what prompted the shootings. As the shots rang out, all three victims slumped inside the hotel room.

Read more: http://www.kansascity.com/2011/02/27/2685550/third-victim-dies-in-northland.html##ixzz1FHB1zZ1Z

Comments Off on Hotel Industry Crime Risks: Missouri Hotel "Disruptive Party Room" Turns Into Multiple Murder Crime Scene

Filed under Crime, Guest Issues, Injuries, Management And Ownership, Training

Hospitality Industry Advertising Risks: Misleading Hotel Guests Using Online "False Reviews" Or "Photoshopped" Images On Hotel Website "Violates The Law"

“…a person or company that endorses a service or product should be upfront about any financial connection they may have with the marketer. For example, if an employee of a hotel writes a review of the hotel, they must say they are an employee. Posing as an independent reviewer would violate the law…”

“…Fabricating a property’s appearance through the use of Photoshop or trick photography, or posting false online reviews to create a more appealing facade is not recommended or condoned by the American Hotel & Lodging Association…”

Misleading potential guests is not only ethically objectionable, it also minimizes the chance for repeat business, word-of-mouth referrals, and positive online reviews. Additionally, planted reviews are typically transparent and the intended result has the opposite effect.

For hoteliers, AH&LA recommends addressing and responding to negative online comments and accurately representing the hotel in online and offline material to ensure guest satisfaction and long-term success. For consumers, AH&LA recommends reviewing a mix of high, low, and medium online reviews to identify consistent characteristics of the hotel. Additionally, it’s advised to use multiple sources to obtain the most accurate depiction, including visiting the hotel’s Website, online and offline review sources, and Facebook.”

For more:  http://today.msnbc.msn.com/id/41741701/ns/today/

Comments Off on Hospitality Industry Advertising Risks: Misleading Hotel Guests Using Online "False Reviews" Or "Photoshopped" Images On Hotel Website "Violates The Law"

Filed under Crime, Guest Issues, Labor Issues, Management And Ownership, Risk Management, Technology, Training