Category Archives: Liability

by | July 24, 2012 · 6:10 am

Hospitality Industry Security Risks: Electronic Hotel Room Locks Shown To Be Vulnerable To "Hardware Gadgets"

The system’s vulnerability arises, Brocious says, from the fact that every lock’s memory is entirely exposed to whatever device attempts to read it through that port. Though each lock has a cryptographic key that’s required to trigger its “open” mechanism, that string of data is also stored in the lock’s memory, like a spare key hidden under the welcome mat.

At the Black Hat security conference Tuesday evening, a Mozilla software developer and 24-year old security researcher named Cody Brocious plans to present a pair of vulnerabilities he’s discovered in hotel room locks from the manufacturer Onity, whose devices are installed on the doors of between four and five million hotel rooms around the world according to the company’s figures. Using an open-source hardware gadget Brocious built for less than $50, he can insert a plug into that DC port and sometimes, albeit unreliably, open the lock in a matter of seconds. “I plug it in, power it up, and the lock opens,” he says simply.

The ability to access the devices’ memory is just one of the two vulnerabilities Brocious says he found in Onity’s locks. He says the company also uses a weak encryption scheme that allows him to derive the “site code”–a unique numerical key for every facility–from two cards encoded one after another for the same room. By reading the encrypted data off of two cards and testing thousands of potential site codes against both cards until the decoded data displays a predictable interval between the two, he can find the site code and use it to create more card keys with a magnetizing device. But given that he can only create more cards for the same room as the two keys he’s been issued, that security flaw represents a fairly low risk compared with the ability to open any door arbitrarily.

For more:  http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/

6 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Technology

Tagged as , , , , , ,

by | July 23, 2012 · 6:08 am

Hospitality Industry Legal Risks: California Hotel Sued For Discrimination Under "Unruh Civil Rights Act" For Prohibiting Charitable Event

Alleging that they were the victims of discrimination, Ryan, the grandson of Holocaust survivors, and 17 other individuals later filed suit against Adaya and the hotel under California’s Unruh Civil Rights Act, which says no business establishment may discriminate on the basis of sex, race, color or religion. In addition to Adaya, the suit names Indus Investments Inc., the corporate owner and operator of the hotel.

Ari Ryan and other young leaders of the Friends of the Israel Defense Forces gathered on the afternoon of July 11, 2010, at the Hotel Shangri-La in Santa Monica for a charitable event. Soon after the party got underway around the hotel’s pool, apologetic hotel staff and security guards began telling group members to remove their literature and banners, to get out of the pool and hot tub, and to stop handing out T-shirts, according to Ryan and court documents.

The employees were acting on the orders of hotel owner Tehmina Adaya, according to the statements of witnesses and hotel employees in court documents. Adaya is a Muslim woman of Pakistani descent.

In court documents, Adaya said the July event had not been scheduled with the hotel and that the participants were trespassing on hotel property. Philip E. Black, an attorney for Adaya, declined to comment.

A jury trial is slated to begin Monday in Santa Monica Superior Court. The plaintiffs are seeking more than $1 million in damages.

According to the lawsuit, the charitable event was for the Legacy Program, a branch of the Friends of the Israel Defense Forces that raises funds to send children of fallen Israeli soldiers to summer camp. The party was planned by Platinum Events, a marketing firm that had organized other gatherings at the Shangri-La after the property underwent a $30-million renovation and reopened in mid-2009, the complaint said.

For more:  http://www.latimes.com/news/local/la-me-shangri-la-lawsuit-20120723,0,868164.story

Comments Off on Hospitality Industry Legal Risks: California Hotel Sued For Discrimination Under "Unruh Civil Rights Act" For Prohibiting Charitable Event

Filed under Guest Issues, Legislation, Liability, Management And Ownership, Risk Management

Tagged as , , , , ,

by | July 22, 2012 · 4:08 pm

Hospitality Industry Legal Risks: North Carolina Companies Outlawed From Firing Employees Before Or After Filing Legitimate Workers' Comp Claims

The North Carolina Retaliatory Employment Discrimination Act (REDA) outlaws discharging em­­ployees for filing workers’ compensation claims. It’s a protected activity. 

Equally illegal: Jumping the gun by firing employees before they ­actually fill out the workers’ compensation paperwork. Employees are also protected when they inform a supervisor that they may be filing a claim soon.

Recent case: Shannon worked as a property manager for M&M Properties for just three weeks. While cleaning a hotel room as part of his training, Shannon said he injured himself. He reported the incident to his supervisor and said he wanted to check with his doctor before filing a workers’ compensation claim in case he had merely pulled a muscle.

Meanwhile, the company issued a disciplinary warning, outlining problems encountered during Shannon’s training, such as tardiness and lack of communication. He was fired a few days later.

He went ahead with filing the workers’ comp claim—and then followed up with a REDA lawsuit. The company argued that because Shannon hadn’t filed a claim before he was terminated, he couldn’t argue retaliation.

The court disagreed. Otherwise, employers would be able to fire employees—and dodge liability—as soon as they got hurt. (Fatta v. M&M Properties Man­­agement, No. COA11-1397, Court of Appeals of North Caro­­lina, 2012)

For more:  http://www.businessmanagementdaily.com/31679/workers-comp-claim-resist-urge-to-retaliate

Comments Off on Hospitality Industry Legal Risks: North Carolina Companies Outlawed From Firing Employees Before Or After Filing Legitimate Workers' Comp Claims

Filed under Claims, Insurance, Labor Issues, Liability, Management And Ownership

Tagged as , , ,

by | July 19, 2012 · 6:13 am

Hospitality Industry Parking Risks: Kentucky Hotel Guest's Auto Stolen By Man Posing As A Valet

“…(suspect) was posing as a valet at the Seelbach Hilton Hotel on June 29. After helping the owner of the vehicle into the hotel with their luggage, Gibbs then drove away with the $25,000 SUV…”

A Louisville man has been charged with theft after he pretended to be a hotel valet and stole a SUV. A short time later, the vehicle’s owner said someone told them the person who drove off in the SUV was not a hotel employee.

Police identified Gibbs as the suspect after looking at hotel security footage and said he later confessed to the crime. The vehicle was recovered that same day parked in front of Gibbs apartment.

Gibbs is charged with theft by unlawful taking of an auto over $10,000.

In a statement to WAVE 3, Jon McFarland, general manager of the Seelbach Hilton, said, “The Seelbach has not had a prior incident like this. We are aggressively looking at how it happened, and preventing it from happening again.”

For more:  http://www.wave3.com/story/19054310/police-fake-valet-steals-suv

Comments Off on Hospitality Industry Parking Risks: Kentucky Hotel Guest's Auto Stolen By Man Posing As A Valet

Filed under Crime, Guest Issues, Labor Issues, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , ,

by | July 17, 2012 · 6:18 am

Hospitality Industry Employee Risks: Former Manager Of New York Hotel Convicted Of Felony Theft Of $50,000 From Cash And Expenses On Corporate Credit Card

“…(woman was ordered) to pay $48,883.53 in restitution…that amount would cover thefts Aylmer committed by taking cash from the hotel and by running up expenses on the corporate credit card…”

“A co-defendant…is responsible for paying back about $12,000 to cover the theft of supplies from the hotel that the defendants attempted to sell on Craigslist and eBay…”

The former manager of a Cicero hotel was sentenced today to five years’ probation for stealing more than $50,000 from her employer. Cathaline Aylmer, 40, of Utica, had nothing to say before Onondaga County Judge Joseph Fahey imposed the probationary sentence agreed to when Aylmer pleaded guilty May 11 to a felony count of second-degree grand larceny.

In pleading guilty, Aylmer admitted stealing from the Days Inn Hotel on Bartel Road from June through July 2010.

For more:  http://www.syracuse.com/news/index.ssf/2012/07/former_cicero_hotel_managed_se.html

Comments Off on Hospitality Industry Employee Risks: Former Manager Of New York Hotel Convicted Of Felony Theft Of $50,000 From Cash And Expenses On Corporate Credit Card

Filed under Crime, Labor Issues, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , ,

by | July 16, 2012 · 6:32 am

Hospitality Industry Spa Treatment Risks: Florida Hotel Sued By Woman Who Claims "Near-Fatal Massage And Treatment" Has Resulted In Two Years Of Medical Expenses

“…a spa employee slathered her in aromatic essential oils, aloe, and shea butter. But the curvy Jersey girl began to have doubts when she was wrapped tightly in a “cellophane-type material” and helped inside something called an Alpha Massage Capsule. It looked like a space-age coffin…”

“…Once inside, she couldn’t move. As the temperature soared, she started to become overheated and lightheaded. She shouted for help, but the attendant had vanished, the lawsuit says. Then Berean passed out…”

According to a lawsuit she filed earlier this month, Berean’s spa treatment (at the Howard Johnson Hotel in Miami Beach in July 2010) turned into one hot, buttery nightmare. The spa promised to leave her skin “glowing,” but Berean’s “hot butter wrap” nearly melted her instead. After two years of medical bills, she wants payback.

“She was stuck in this little heating egg,” says Berean’s lawyer, Andrew Norden. “She yelled, but nobody came to help her. Then she passed out. It was terrifying for her.”

Lawyers representing Nirvana Spa did not respond to requests for comment. Berean also declined to speak to New Times about her ordeal, but her attorney and lawsuit paint a terrifying picture of relaxation gone awry.

When the Nirvana Spa employee finally returned, she took Berean out of the capsule and unwrapped her like an aborted butterfly. Berean gradually came to, but instead of calling paramedics, the employee put the barely conscious client into the shower and left her alone again, according to the lawsuit. Berean fainted a second time and hit her head.

Berean has undergone “extensive medical care and treatment” because of the near-fatal massage, the lawsuit claims. But Natalia Bazhenova, Nirvana’s current manager who joined the spa after the incident, says the story sounds suspicious.

For more:  http://blogs.miaminewtimes.com/riptide/2012/07/woman_sues_nirvana_spa_on_miam.php

Comments Off on Hospitality Industry Spa Treatment Risks: Florida Hotel Sued By Woman Who Claims "Near-Fatal Massage And Treatment" Has Resulted In Two Years Of Medical Expenses

Filed under Claims, Guest Issues, Health, Injuries, Liability, Management And Ownership

Tagged as , , ,

by | July 15, 2012 · 6:51 am

Hospitality Industry Employee Risks: Michigan Hotel Employee Charged With Stealing Money From Manager's Room; Background Check Would Have Revealed Lengthy Criminal History

“(the employee) allegedly stole $220 from the purse of her assistant manager who had been staying in a room at the hotel…a hotel manager confirmed that since the Lewis incident, the hotel now conducts background checks. The manager said had they known that Lewis had been convicted of crimes in the past, they would have not hired her…”

An employee of a Muskegon Heights hotel with a lengthy criminal background has been charged with a felony for allegedly stealing money from her manager’s room. Kortney Donesia Lewis, 24, of Muskegon, was arraigned in Muskegon County 60th District Court on Wednesday on one count of larceny from a building, a four-year felony, and as a fourth-time habitual offender.

“The manager noticed by surveillance video and key-code confirmation that Lewis had been in her room,” Gardner said. “Lewis was confronted and admitted it.”

Gardner said Lewis’ criminal history includes a 2006 conviction for an embezzlement charge; a 2009 conviction of larceny from a building and a conviction that same year for stealing and using someone’s credit card.

Based on that history, Gardner said it’s difficult to sympathize with the hotel officials who hired Lewis. “In this case it doesn’t just seem to be the responsibility of the defendant for her actions, but for the hotel for hiring a woman with an extensive criminal history for theft crimes,” he said. “It defies commonsense to give a person with that background access to rooms that often times hold valuables.”’

For more:  http://www.mlive.com/news/muskegon/index.ssf/2012/07/muskegon_heights_hotel_employe.html

Comments Off on Hospitality Industry Employee Risks: Michigan Hotel Employee Charged With Stealing Money From Manager's Room; Background Check Would Have Revealed Lengthy Criminal History

Filed under Crime, Labor Issues, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , ,

by | July 14, 2012 · 8:16 am

Hospitality Industry Health Risks: Oregon Restaurants Will Not Be Required To Prohibit "Bare-Hand Contact" Pending Review; "Double Hand-Washing Rule" To Be Enforced

“…(the State of Oregon) decided to remove the bare-hand contact prohibition from the proposed rules because this issue needs further discussion…the group will convene multiple times over the next few months. The state will continue to enforce its double hand-washing rule for food servers until any changes are announced…”

The Oregon Health Authority is shelving its proposed rule mandating that restaurant workers not prepare food with their bare hands. State health officials have decided to convene a work-group on standards to prevent food-borne illness. The group will work toward a substitute to the so-called “no bare hand contact” rule originally proposed by the Health Authority.

That provision was to take effect on July 1, but was delayed after protests from the food service industry. The work group will include restaurateurs, legislators, medical professionals and others.

Gail Shibley, the administrator of the OHA’s Public Health Division, said her agency is looking for diverse opinions. “We think we can get the wisdom from restaurateurs as well as a variety of other folks to really dig into the details of this specific provision, and move forward at a later date,” she said.

For more:  http://www.mailtribune.com/apps/pbcs.dll/article?AID=/20120713/NEWS07/120719990/-1/NEWSMAP

Image provided by MyDoorSign.com

Comments Off on Hospitality Industry Health Risks: Oregon Restaurants Will Not Be Required To Prohibit "Bare-Hand Contact" Pending Review; "Double Hand-Washing Rule" To Be Enforced

Filed under Food Illnesses, Guest Issues, Health, Labor Issues, Liability, Maintenance, Management And Ownership, Risk Management, Training

Tagged as , , , , ,

by | July 10, 2012 · 1:52 pm

Hospitality Industry Crime Risks: Alabama Hotel Employees Assist With Arrest Of Identity Theft Ring Operating In Guest Room

“…Investigators say when the officers entered the hotel room, there were stolen credit cards, computers, cameras, scanner and other items in plain sight…the group had been making fake identification and checks. They had also made Social Security cards and drivers licenses. Police say that many of the victims are businesses…”

Irondale Police say they have arrested and charged three people with multiple counts of identity theft after a hotel called them to evict a group of non-paying customers.

Victor Hedden, 46 of Phenix City, Raymon Hall, 29 of Columbus, Georgia, and Precious Clemons, 25 of Columbus, Georgia have been charged with possession of forged materials and trafficking in stolen ids.

The incident happened Saturday when employees with America’s Family Inn called to ask the police’s help to remove a group of people who hadn’t paid their hotel bill for several days.

For more:  http://www.myfoxal.com/story/18985033/unpaid-hotel-bill-leads-irondale-pd-to-identity-thieves

Comments Off on Hospitality Industry Crime Risks: Alabama Hotel Employees Assist With Arrest Of Identity Theft Ring Operating In Guest Room

Filed under Crime, Liability, Maintenance, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , ,

by | July 9, 2012 · 4:01 pm

Hospitality Industry Security Risks: Husband Of Slain Woman Sues California Hotel In Wrongful Death Lawsuit; Claims Homeless People Were Known Threat To Guests

“…court documents say that hotel security were aware that homeless people and others had committed “assaults with deadly weapons, thefts, and other disturbances,” but “failed to take any security measures” to keep guests safe, the complaint alleges…”

The lawsuit claims that a homeless man or “uninvited third party” walked through an unsecured first-floor door and killed Finley’s wife while he was sleeping in the couple’s sixth-floor room.

A wrongful death lawsuit against the Biltmore Hotel moved forward on Monday when a man whose wife was found dead at the LA landmark during an audition for “America’s Got Talent” alleged the hotel destroyed evidence to cover up the slaying of his wife.

The body of his wife, Laura, was found in a stairwell at the famed downtown hotel on Oct. 23, 2010.

Hotel security failed to warn guests about security issues related to remodeling work being done on the first and second floors, court documents said.

Hotel security found Laura Finley’s body at the bottom of the first-floor staircase. The body of the 48-year-old woman was found with no top and wearing pants that were inside out. Her diamond rings were missing, court papers said.

For more:  http://www.nbclosangeles.com/news/local/Americas-Got-Talent-Audition-Death-Biltmore-Hotel-161855745.html

Comments Off on Hospitality Industry Security Risks: Husband Of Slain Woman Sues California Hotel In Wrongful Death Lawsuit; Claims Homeless People Were Known Threat To Guests

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management

Tagged as , , , , ,