Category Archives: Risk Management

by | March 23, 2013 · 12:10 pm

Hospitality Industry Theft Risks: South Dakota Restaurant Account Manager Charged With Stealing More Than $100,000; Deposited Checks Into Personal Account Over 7 Month Period

“…(the defendant) is accused of depositing money into her own bank account on 12 occasions, mostly through checks, with the thefts targeting Minervas of Bismarck, N.D. and the Phillips Avenue Diner in Sioux Falls totaling $97,477…(she) also reportedly deposited hospitality industry employee theftmoney electronically three other times, for a total loss to the business of $101,600. All the thefts took place between February and September last year…”

A former account manager for Minervas and the Phillips Avenue Diner has been charged with stealing more than $100,000 from the company last year. Bobbie Sue Davis, 28, worked for WR Restaurants Management when the thefts began, according to court paperwork. The company manages restaurants across North and South Dakota.

During an interview with an SFPD detective on Nov. 19, Davis allegedly admitted to stealing the money, saying she’d been having “personal financial issues” that year.

Davis was arrested on a charge of aggravated grand theft by embezzlement of $100,000 or more on Feb. 5 and released on bond. A grand jury indicted Davis this week. If convicted, she could spend up to 15 years in prison.

For more:  http://www.argusleader.com/article/20130322/UPDATES/130322021/Woman-accused-embezzling-more-than-100K-from-area-restaurant-chain

Comments Off on Hospitality Industry Theft Risks: South Dakota Restaurant Account Manager Charged With Stealing More Than $100,000; Deposited Checks Into Personal Account Over 7 Month Period

Filed under Crime, Labor Issues, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , , ,

by | March 22, 2013 · 5:48 am

Hospitality Industry Theft Risks: Maine Restaurant Owner Convicted Of Stealing Over $67,000 From Customers By “Double Billing Credit Cards”

“…(the defendant) stole money from her customers by double billing their credit cards, the prosecutor said…(she) took credit card slips from sales at her restaurant during the summer of 2010 and later that year, and ran them through for payment a second time after the employee theftrestaurant had closed…may have stolen as much as $80,000 through the fraudulent credit card charges.”

A former local restaurant owner who stole more than $67,000 from banks and customers through check and credit card fraud, but who has since paid it back, has been ordered to spend 60 days in jail for her crimes. Having pleaded no contest last fall to two felony theft charges, Jennifer Lozano, 43, on Thursday received an overall sentence of five years with all but 60 days suspended and will have to serve two years of probation upon her release.

As part of a plea deal, prosecutors had agreed to cap the unsuspended part of the sentence at nine months if Lozano paid $67,399 in restitution to people and financial institutions she stole money from. She did so, paying off the final $18,000 she owed in restitution just as the sentencing hearing was about to begin Thursday afternoon in Hancock County Superior Court.

Kellett said an investigation revealed that Lozano conducted 1,488 fraudulent duplicate credit card transactions in the fall of 2010. She repaid many customers who complained, and many were repaid by their credit card companies, but she did not repay everyone who lost money through the scheme before police learned about it. As part of the restitution order, Lozano had to repay $15,300 to a credit card company that had lost money through the fraud and to customers whom she had not already repaid.

But Kellett said that restitution amount does not reflect the full scope of the illegal credit card transactions that Lozano made. Investigators believe that not all the double-billed customers complained, and so were not repaid either by Lozano or by their credit card firms.

For more: http://bangordailynews.com/2013/03/21/news/hancock/former-mdi-restaurant-owner-gets-60-days-for-67000-theft/?ref=polbeat

Comments Off on Hospitality Industry Theft Risks: Maine Restaurant Owner Convicted Of Stealing Over $67,000 From Customers By “Double Billing Credit Cards”

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , ,

by | March 17, 2013 · 7:04 am

Hospitality Industry Cybercrime Risks: Hotel And Restaurant “Connected Point-Of-Sale (POS) Systems” Attacked By New Malware Called “Dexter”; Steals Credit Card Data And Transmits It “Encrypted” Back To Attacker

“…Just before the 2012 festive period, a new piece of malware surfaced and was found in hundreds of POS systems in hotels, restaurants, retailers and private parking providers. The malware was discovered by Israel-based security cybercrime in hotelsfirm Seculert: ‘Dexter’ (which comes from the string ‘BKDR_DEXTR.A’) is a data-theft tool used to target and attack POS systems. The program, which is Microsoft Windows-based, uses common techniques to search the memory of running processes to identify credit-card track data, but with the uniqueness of the attacker having full control…”

Connected point-of-sale (POS) systems – that’s the checkout to you and me – are the most recent targets of the cybercriminal, and a specially-crafted malware, dubbed Dexter, is further indication that now all kinds of connected devices may be vulnerable to attack.

Seculert CTO and co-founder Aviv Raff explains that while the company is as yet uncertain as to who is behind Dexter, the author is fluent in English: Dexter mainly targeted English-speaking countries. The malware was located in 40 different countries, but notably 42 per cent of POS systems targeted were in North America and 19 per cent UK-based. “Instead of going through the trouble of infecting tens of thousands of consumer PCs or physically installing a skimmer, an attacker can achieve the same results by targeting just a few POS systems with specially crafted malware,” Raff says.

The malware injects itself into the iexplore.exe file in Windows servers, through rewriting in the registry key. It then’ pinches sensitive credit-card data from the server, before transferring it through a remote command and control system. Windows-based POS systems are used increasingly in the industry, and according to Seculert’s findings, 51 per cent of targeted POS systems use the outdated Windows XP. The high percentage indicates Windows-based machines that process unencrypted track data are viable targets.

Microsoft Windows XP may be the ‘preferred’ choice for POS systems, especially among smaller retailers who feel that they cannot afford to upgrade, but with the operating system to be discontinued in 2014, the question is over what support will be offered for remaining XP users and if they will be able to handle the upgrade to Windows 7 or 8.

“Dexter only has three purposes in life,” says Trustwave’s security researcher Josh Grunzweig. “To always be running on the victims’ machine, to find any card, or track, data in any running program on the victim, and to communicate with the attacker who is controlling it.”

The latter is what makes the malware stand out and impresses Grunzweig. “I can’t remember the last time I saw a piece of malware that targeted POS systems that had a nice command and control structure to it,” adds Grunzweig.

He explains the hacker maintains control of the attack by using normal communication methods, but with the skill to hide what it was sending by encoding the data. This involved sending out a message to the attacker, by default, every five minutes and also checks the victim to see if there is any track data running every 60 seconds.

The magnetic strip on a credit card contains three tracks and the malware attempts to extract data from memory relating to tracks one and two, containing numeric or alphanumeric data that can be used to clone the card that was used in a transaction. If Dexter finds any of this track data, it alerts the attacker in the next message sent and the process is repeated. The attacker has the control to change the times and install additional malware or even remove Dexter altogether.

“The most unusual thing about Dexter is the small amount of public attention it has received,” says Trustwave’s Josh Grunzweig. “The issues that make POS-specific malware difficult to discuss in the industry also affects the ability of antivirus companies; without samples they are unable to provide detailed protections for specific threats.”

For more:  http://eandt.theiet.org/magazine/2013/03/turn-on-log-in-checkout.cfm

Comments Off on Hospitality Industry Cybercrime Risks: Hotel And Restaurant “Connected Point-Of-Sale (POS) Systems” Attacked By New Malware Called “Dexter”; Steals Credit Card Data And Transmits It “Encrypted” Back To Attacker

Filed under Claims, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , , ,

by | March 16, 2013 · 6:42 am

Hospitality Industry Property Risks: Illinois Restaurant Fire Starts In Basement Water Heater; Significant Water And Smoke Damage

“…most of the damage happened in the basement at their Bucktown flagship…service will be halted there and Restaurant Fire in Chicago. NBC Chicago Facebooktheir Chicago French Market satellite…the main dining room in Bucktown sustained smoke damage…”

A fire that broke out in the basement of Lillie’s Q barbecue restaurant in the Bucktown neighborhood late Thursday night destroyed the restaurant and left a firefighter with minor injuries, officials said. The fire at 11:40 p.m. at the restaurant at 1856 W. North Avenue, officials said. Fire officials said the fire rekindled later at about 4:18 a.m.

Firefighters told restaurant officials that the fire likely started in a water heater in the basement, and not one of the smokers. There were also apartments above the restaurant.Chicago Police closed North Avenue in both directions near Wood Street while firefighters worked to contain the fire. After the fire rekindled at 4:18 a.m. firefighters returned to the restaurant and a firefighter sustained minor injuries at that point.

For more:  http://articles.chicagotribune.com/2013-03-15/news/chi-firefighters-battle-blaze-at-lillies-q-restaurant-in-bucktown-20130314_1_scorches-restaurant-spokesman-fire-officials

Comments Off on Hospitality Industry Property Risks: Illinois Restaurant Fire Starts In Basement Water Heater; Significant Water And Smoke Damage

Filed under Fire, Insurance, Liability, Risk Management

Tagged as , , , ,

by | March 15, 2013 · 6:41 am

Hospitality Industry Legal Risks: California Restaurant Sued By Woman “Sexually Assaulted” By Employee Near Restroom; Failed To Perform Background And Reference Check

“…the lawsuit filed in San Mateo Superior Court alleges that Straits owners failed to provide a background or Hospitality Industry Criminal Background Checks (2)reference check for Guicoy that could have shed light on his “mental instability and propensity toward sexual assault…”

A Foster City woman is suing a restaurant where a dishwasher attempted to rape her as she waited to use the restroom on New Years Eve 2011. Now Mary Hagan, 35, has filed a $1 million lawsuit against Straits in Burlingame, claiming it could have performed a background or reference check on Jose Mauricio Guicoy before hiring him.

Guicoy allegedly grabbed Hagan and began pulling her into a closet with his pants unzipped, reported the San Mateo County Times. She was able to fight him off.

Guicoy pleaded no contest to sexual battery, and was sentenced a month later to two years in prison.

For more:  http://sanmateo.patch.com/articles/foster-city-woman-sexually-assaulted-by-dishwasher-files-lawsuit-against-restaurant

Comments Off on Hospitality Industry Legal Risks: California Restaurant Sued By Woman “Sexually Assaulted” By Employee Near Restroom; Failed To Perform Background And Reference Check

Filed under Crime, Guest Issues, Labor Issues, Liability, Management And Ownership, Risk Management, Training

Tagged as , , , , ,

by | March 12, 2013 · 6:31 am

Hospitality Industry Legal Risks: Hotel And Restaurant Management Must Conduct Criminal Background Checks To Avoid “Negligent Hiring Lawsuits”; Screening Must Be Relevant To Job Description To Avoid Discrimination

“…Hospitality employers (conduct criminal-background checks) to avoid negligent hiring lawsuits – a lawsuit from a guest or customer, for example, based on a hotel’s failure to properly screen an employee who later does Hospitality Industry Criminal Background Checks (2)harm…for each job description, (management) should prepare a memo that describes the relevance of, and need for, such information and how it is related to the particular job description…it is inconsistency in the selection of what type of background check each applicant gets that can often get employers sued for discrimination…”

According to some studies, over 90% of employers conduct criminal-background checks for some job applicants and over 70% of employers conduct background checks on all potential new hires. This includes many hospitality-industry employers. Most decision-makers want information about criminal behavior and other related data before bringing a candidate into the organization.

For example, the Equal Employment Opportunity Commission (EEOC) and some states are taking the position that, given the disproportionate rate of minorities that are arrested and convicted of crimes, an employer’s policy of disqualifying all applicants with criminal history can have a discriminatory impact on minority candidates and thereby violate Title VII’s discrimination laws.

Each state has its own position on the use of arrest and conviction records. Even when abiding by those parameters, there is still the need for a comprehensive, consistent set of procedures regarding the use of criminal history to avoid claims of discrimination. The key here is to identify by job description prior to hiring candidates, what kind of criminal background information (including how many years back) the company will look for and to ensure that the same level of background check is done for every applicant for that position.

Establishing a policy and procedure to make sure each applicant for a job description gets the same background check and having a defensible job-related justification for the relevancy and need for the information for each job position is critical to defending against future discrimination claims.

For more:  http://www.mondaq.com/unitedstates/x/225564/employee+rights+labour+relations/And+By+The+Way+Are+You+A+Criminal

Comments Off on Hospitality Industry Legal Risks: Hotel And Restaurant Management Must Conduct Criminal Background Checks To Avoid “Negligent Hiring Lawsuits”; Screening Must Be Relevant To Job Description To Avoid Discrimination

Filed under Crime, Employment Practices Liability, Insurance, Labor Issues, Liability, Management And Ownership, Risk Management

Tagged as , , , , , ,

by | March 10, 2013 · 8:20 am

Hospitality Industry Legal Risks: Pennsylvania Restaurant And Bar Settles “Music Copyright Infringement Lawsuit” For $9,000; Disc Jockey Played 12 Songs From Music Catalogue

“…any establishment that plays music is required to pay a licensing fee which, for bars and restaurants, is based on the square footage of the establishment…the owners agreed to settle the case to avoid the expense and Hospitality Industry Music Copyright Lawsuitsuncertainly of continuing the litigation. The settlement equates to a penalty of $750 per song. Federal law allows for penalties up to $30,000 per song…”

The owners of the Brews Brothers bar and restaurant in Jenkins Township have agreed to pay $9,000 to settle a copyright infringement lawsuit filed by a music publishing company. Broadcast Music Inc. filed suit against the bar in October 2012 after a representative from the company visited the establishment that March and witnessed a disc jockey playing 12 songs from artists who are part of BMI’s catalogue.

BMI, one of the nation’s largest music publishing companies, collects and distributes royalties to artists whose music is played on radio, television and at public venues.

BMI has been aggressively enforcing its copyrights in the region over the past several years, filing at least 11 federal lawsuits against various establishments in Luzerne, Lackawanna and other nearby counties since 2010, according to court records.

The settlement, filed Thursday, says Brews Brothers acknowledges it violated the copyrights for the songs.

For more:  http://psdispatch.com/news/333542/Bar-settles-copyright-infringement-lawsuit

Comments Off on Hospitality Industry Legal Risks: Pennsylvania Restaurant And Bar Settles “Music Copyright Infringement Lawsuit” For $9,000; Disc Jockey Played 12 Songs From Music Catalogue

Filed under Insurance, Labor Issues, Liability, Management And Ownership, Risk Management

Tagged as , , , ,

by | March 8, 2013 · 7:39 am

Hospitality Industry Property Risks: South Carolina Motel Fire Caused By Gasoline Vapors Ignited By Water Heater; $300,000 In Damage

“…vapors from gasoline stored there apparently ignited the pilot light in the water heater…it took 90 minutes for Motel Firemore than 50 firefighters from the town, Monetta, Ridge Spring and Lexington County to bring the blaze under control…”

A motel on the east side of town is closed after fire destroyed two-thirds of the 27-room structure, authorities said. Damage to the Leesville Lodge is estimated at $300,000, fire chief Jay Hendrix said.

The fire started shortly after 1 p.m. Wednesday in the laundry room at the 27-year-old motel in the 600 block of East Columbia Avenue, he said.

Read more here: http://www.thestate.com/2013/03/07/2664768/batesburg-leesville-motel-closed.html#storylink=cpy

Comments Off on Hospitality Industry Property Risks: South Carolina Motel Fire Caused By Gasoline Vapors Ignited By Water Heater; $300,000 In Damage

Filed under Insurance, Management And Ownership, Risk Management, Training

Tagged as , , , , , ,

by | March 7, 2013 · 7:18 am

Hospitality Industry Payment Risks: Hotel Tech Trade Association Releases “Secure Payments Framework For Hospitality”; Best Practices Advocates “Tokenization” And “Removal Of All Guest Credit Card Data From Systems”

Hospitality Industry Secure Payment Framework-page-001

Click on “Hospitality” to view online

Hospitality Industry Secure Payment Framework Executive Summary-page-001

For more:  http://www.scmagazine.com/hotel-tech-trade-association-offers-best-practices-for-reducing-payment-card-risk/article/283129/

Comments Off on Hospitality Industry Payment Risks: Hotel Tech Trade Association Releases “Secure Payments Framework For Hospitality”; Best Practices Advocates “Tokenization” And “Removal Of All Guest Credit Card Data From Systems”

Filed under Crime, Guest Issues, Insurance, Labor Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , , , ,

by | March 4, 2013 · 7:17 am

Hospitality Industry Insurance Risks: “Slip And Fall Accidents” And “Cooking Fires” Represent Top Operational Risks For Restaurant Owners

“…more than 3 million foodservice employees are injured each year from slip-and-fall accidents. With an average cost of almost $21,000 per claim, this is a substantial risk when you consider the number of guests slip_and_fall accidentwho also fall each year in a foodservice establishment…”

Cintas Corporation, a nationwide leader in restaurant facility solutions, identified the top 13 hidden risks to restaurant operations in 2013. By identifying potential risks before they become a problem, restaurant owners and managers can reduce their exposure and maximize their bottom line by ensuring the proper programs are in place.

  • Slip and falls: According to the National Floor Safety Institute (NFSI), more than 3 million foodservice employees are injured each year from slip-and-fall accidents. With an average cost of almost $21,000 per claim, this is a substantial risk when you consider the number of guests who also fall each year in a foodservice establishment. Protect floors, workers, and patrons with a comprehensive safe-floor program that includes deep cleaning, protection, and ongoing maintenance.
  • Cooking fires: By knowing that the majority of restaurant fires occur around 10 a.m., restaurant operators can develop a fire protection system that prevents or limits the spread of cooking fires. Ensure that hood suppression systems are regularly inspected by a licensed fire protection provider so they are always in working order and ready to extinguish a fire. Also, have your kitchen hood and exhaust ducts cleaned of excess grease and fuel at regular intervals.

For more:  http://www.qsrmagazine.com/news/cintas-reveals-top-13-hidden-restaurant-risks?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+QSRmagazine+%28QSR+magazine%29

Comments Off on Hospitality Industry Insurance Risks: “Slip And Fall Accidents” And “Cooking Fires” Represent Top Operational Risks For Restaurant Owners

Filed under Guest Issues, Injuries, Insurance, Labor Issues, Liability, Management And Ownership, Risk Management, Training

Tagged as , , , , ,