Category Archives: Technology

by | November 17, 2012 · 7:18 am

Hospitality Industry Theft Risks: Hawaii Hotel Store Shoplifter Steals $2,000 Worth Of Merchandise; Surveillance Cameras Record Theft

A shoplifter brazenly stole more than $2,000 worth of merchandise from a small clothing and jewelry shop in a Waikiki hotel. The whole theft was recorded on surveillance cameras, and the video has been posted online in an effort to nab the suspect.

[youtube=http://www.youtube.com/watch?v=L7CoKibjaDo&feature=youtu.be]

The theft happened Nov. 5 at the Angels By The Sea store at the Waikiki Beach Marriott Hotel. The surveillance video clearly shows a woman looking through some of the clothing. She then removes the clothing from its hanger, rolls it up, and casually puts it in a large bag.

The store’s owner said the woman told the sales clerk a story. According to store owner and designer Nina Thai, the woman claimed to be a jewelry designer from Kauai. “‘I make a lot of jewelry, so I want to have time to take a look so leave me alone,'” Thai said the woman told the clerk.

The store usually has two or three clerks on duty, but Thai said the store was short-handed that day, and only had one clerk at the time. And when that lone clerk was busy with a customer, the shoplifter helped herself to the jewelry.

The store’s management said they discovered the theft because the shoplifter had moved a lot of the jewelry from their usual places. “Because we stay in here more than at home,” said Thai. “So we remember every single item.”

And then they saw the surveillance video, and watched as the woman took earrings, necklaces, pendants, leggings and tops. The haul was the by far the biggest theft in the store’s three-year history.

For more:  http://www.hawaiinewsnow.com/story/20124145/shoplifter-ignores-surveillance-cams-video-now-on-youtube

Comments Off on Hospitality Industry Theft Risks: Hawaii Hotel Store Shoplifter Steals $2,000 Worth Of Merchandise; Surveillance Cameras Record Theft

Filed under Crime, Insurance, Maintenance, Management And Ownership, Technology, Theft

Tagged as , , , , ,

by | October 22, 2012 · 9:23 am

Hospitality Industry Security Risks: "Hacking Hotel Locks In Seconds With Cheap Tools" (ABC News Video)

[youtube=http://www.youtube.com/watch?v=6jlkxDikeiI]

Why 100’s of thousands of tourists are vulnerable to theft or worse.

Comments Off on Hospitality Industry Security Risks: "Hacking Hotel Locks In Seconds With Cheap Tools" (ABC News Video)

Filed under Guest Issues, Liability, Maintenance, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , , ,

by | October 7, 2012 · 1:14 pm

Hospitality Industry Information Security Risks: Hotel's Guest's Credit Cards Are Targets For "Identity Thiefs" From "Mulitple Charges" During Stay

“…hotels have lots of employees — and many of them have access to the credit card and other personal information of guests. No matter how well trained and supervised, more personnel correlates to greater risk. The fact that low-level employees typically have access to key guest information, and that there is, historically, a high turnover in hotel employees, exacerbates the problem…”

Hotels are obvious targets for identity and financial theft for many reasons. Hotels transact business through credit cards, and those credit cards are kept on file and can be accessed multiple times during a guest’s stay. The possibility that a credit card charge will be recorded occurs with each night’s room charge, room service, bar or restaurant bill, spa charge, and so on. Every charge is another opportunity for an identity thief to access the information using sophisticated computer hacks and other malicious software, generally without the hotel’s knowledge.

The need to respond to guest demands is another source of insecurity. The Identity Theft Resource Center noted, “The ability to connect to the Internet is an integral part of many individuals daily life. This has led to the increased demand for public WiFi.” As a result, hotels find themselves compelled to offer wireless internet, and that service is almost always unsecured. But an unsecured wireless network is “just as dangerous as leaving files of your most important personal documents on a street curb for all to see. Hackers can easily get into an unsecured wireless network and get financial information, business records or sensitive e-mails.” (PC World, “Got Wireless Security”, http://www.pcworld.com/article/125040/got_wireless_security.html). At the same time, hotels have little say in the matter. Guests demand wireless internet service.

Some security researchers have described a wave of attacks against the hospitality industry. In 2010, the cybersecurity consultant Trustwave found that in 38% of its investigations, hotels and resorts were the victims of successful cyber intrusions, despite those firms only representing 3% of its customers.  Hotels represent a disproportionate number of security breaches.

For more:  http://hotellaw.jmbm.com/2012/10/liability_for_guest_information_.html

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , ,

by | October 4, 2012 · 6:29 am

Hospitality Industry Security Risks: Hotel "Electronic Room Locks" Opened With "Hacking Device" Tool Disguised As "Dry Erase Marker" (Video)

[youtube=http://www.youtube.com/watch?v=QyN-8CeNSZg]

A trio of hackers have built a tool that appears to be an innocent dry erase marker, but when inserted into the port on the bottom of a common form of hotel room keycard lock triggers the lock’s open mechanism in a fraction of a second.

The security researchers who spend their days breaking into clients’ systems to find and fix security vulnerabilities often call themselves “penetration testers,” or “pentesters.” But one group of hotel lock hackers just gave the term “pentest” a very different meaning.

The inconspicuous lock hacking device is an adaption of one demonstrated at the Black Hat security conference in July by Cody Brocious, a hacker and software developer for Mozilla, who discovered and exploited a vulnerability in Onity locks, a cheap and popular hotel room lock that the company says are used on at least four million hotel rooms worldwide. Through the port on the bottom of the lock intended for a device that hotels can use to set master keys, Brocious found he was able to read the lock’s memory, including a decryption key stored on the locks that gave him access to their opening mechanism.

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , ,

by | August 16, 2012 · 6:34 am

Hospitality Industry Payment Fraud Risks: Woman Arrested After Using Stolen Credit Card With "Illegitimate Authorization Code" To Scam Florida Hotels

Police believe the alleged Discover employee was actually Betancourt’s accomplice, who gave an illegitimate code to the hotel clerk. According to investigators, codes are sold on the black market to help crooks override the system.

According to authorities, 53-year-old Debra Betancourt used an old, stolen Discover credit card linked to a closed account and a fake Arizona state ID to scam a number of hotels on Miami Beach. Police say at 11:30 p.m. Monday, Betancourt went to the Alexander Hotel on Collins Avenue. She informed a hotel employee that she made an online reservation with the stolen Discover card.

However, Betancourt’s card was declined for a charge of $4,100. Betancourt got on the phone, police said, and called someone who she said worked at Discover. The alleged employee gave the hotel clerk an authorization number, but the hotel would not complete the transaction.

Less than an hour later, at 12:15 a.m., Betancourt headed south and tried the scam again at the Cadet Hotel on James Avenue. This time, Betancourt got lucky: Her card was approved for 10 nights for a grand total of $10,105. Another hour passed, and the 53-year-old headed even further south to the Anglers Hotel on Washington Avenue, where she tried to pull the scam for the third time.

Betancourt once again ran into problems, and called the mystery Discover employee. However, the card was declined and the hotel manager contacted police. According to authorities, Betancourt kicked the manager in the groin and took off, but officers caught up with Betancourt and arrested her.

Read more: http://www.wsvn.com/news/articles/local/21008278197692/accused-hotel-scam-artist-arrested/#ixzz23ieeFMyM

Comments Off on Hospitality Industry Payment Fraud Risks: Woman Arrested After Using Stolen Credit Card With "Illegitimate Authorization Code" To Scam Florida Hotels

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , ,

by | July 24, 2012 · 6:10 am

Hospitality Industry Security Risks: Electronic Hotel Room Locks Shown To Be Vulnerable To "Hardware Gadgets"

The system’s vulnerability arises, Brocious says, from the fact that every lock’s memory is entirely exposed to whatever device attempts to read it through that port. Though each lock has a cryptographic key that’s required to trigger its “open” mechanism, that string of data is also stored in the lock’s memory, like a spare key hidden under the welcome mat.

At the Black Hat security conference Tuesday evening, a Mozilla software developer and 24-year old security researcher named Cody Brocious plans to present a pair of vulnerabilities he’s discovered in hotel room locks from the manufacturer Onity, whose devices are installed on the doors of between four and five million hotel rooms around the world according to the company’s figures. Using an open-source hardware gadget Brocious built for less than $50, he can insert a plug into that DC port and sometimes, albeit unreliably, open the lock in a matter of seconds. “I plug it in, power it up, and the lock opens,” he says simply.

The ability to access the devices’ memory is just one of the two vulnerabilities Brocious says he found in Onity’s locks. He says the company also uses a weak encryption scheme that allows him to derive the “site code”–a unique numerical key for every facility–from two cards encoded one after another for the same room. By reading the encrypted data off of two cards and testing thousands of potential site codes against both cards until the decoded data displays a predictable interval between the two, he can find the site code and use it to create more card keys with a magnetizing device. But given that he can only create more cards for the same room as the two keys he’s been issued, that security flaw represents a fairly low risk compared with the ability to open any door arbitrarily.

For more:  http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/

6 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Technology

Tagged as , , , , , ,

by | July 10, 2012 · 1:52 pm

Hospitality Industry Crime Risks: Alabama Hotel Employees Assist With Arrest Of Identity Theft Ring Operating In Guest Room

“…Investigators say when the officers entered the hotel room, there were stolen credit cards, computers, cameras, scanner and other items in plain sight…the group had been making fake identification and checks. They had also made Social Security cards and drivers licenses. Police say that many of the victims are businesses…”

Irondale Police say they have arrested and charged three people with multiple counts of identity theft after a hotel called them to evict a group of non-paying customers.

Victor Hedden, 46 of Phenix City, Raymon Hall, 29 of Columbus, Georgia, and Precious Clemons, 25 of Columbus, Georgia have been charged with possession of forged materials and trafficking in stolen ids.

The incident happened Saturday when employees with America’s Family Inn called to ask the police’s help to remove a group of people who hadn’t paid their hotel bill for several days.

For more:  http://www.myfoxal.com/story/18985033/unpaid-hotel-bill-leads-irondale-pd-to-identity-thieves

Comments Off on Hospitality Industry Crime Risks: Alabama Hotel Employees Assist With Arrest Of Identity Theft Ring Operating In Guest Room

Filed under Crime, Liability, Maintenance, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , ,

by | June 16, 2012 · 6:32 am

Hospitality Industry Wireless Security Risks: Cyber Criminals Setting Up "Mock Wi-Fi Hot Spots" At Hotels To Steal Wireless Device Data

“People will see ‘free Wi-Fi’ and click on it, and when they do that they open themselves up to great exposure…the best approach is to be wary and steer clear of Wi-Fi hotspots that do not seem legitimate — something (that) looks like it’s not quite right, not the proper name they might expect,” 

Gary Davis, McAfee’s director of global consumer marketing, said there was a growing trend of hackers setting up mock Wi-Fi hotspots in public places, which appear at the top of the list of available Wi-Fi connections.

Once compromised, hackers can take total control of a device, including removing all the data contained on it. Android devices are currently the devices most targeted by hackers, Davis said.

“We saw a 1,200% increase in malware targeting Android devices just in the first quarter of this year,” he said.

John said the best approach for business travelers when using public Wi-Fi is to remotely log into their employer’s virtual private network, or VPN, which ensures all data received and sent from a device is encrypted.

For more:  http://edition.cnn.com/2012/06/12/business/cyber-hackers-data-security-travel/index.html

Comments Off on Hospitality Industry Wireless Security Risks: Cyber Criminals Setting Up "Mock Wi-Fi Hot Spots" At Hotels To Steal Wireless Device Data

Filed under Crime, Guest Issues, Liability, Maintenance, Risk Management, Technology, Theft

Tagged as , , , ,

by | May 23, 2012 · 6:23 am

Hospitality Industry Information Risks: Man Arrested In Texas Hotel Room At Center Of "Extensive Identity Theft Operation"

“…(He) is charged with the possession of marijuana and meth. But inside his hotel room at the Hyatt Regency in Dallas police found 400 to 500 credit cards, debit cards, gift cards and social security numbers. There was evidence of personal information involving a federal agency lifted from registration forms from a conference hosted by a North Texas hotel…”

A California man with North Texas ties is behind bars for drug possession. He was also in a downtown Dallas hotel room that appeared to be the center of an extensive identity theft operation. On Monday Dallas police arrested 26-year-old Justin Bennett. His last known address is in Los Angeles but records show he used to live in Rockwall.

Police also confiscated three laptops, a printer and a credit card embossing machine.

Sources said whoever is behind the identity theft operation appears to be taking existing credit card numbers and putting different names on them. It would never have been discovered except for a clever car rental company.

On Sunday the rental company out of Oklahoma rented a white SUV from its satellite office near the airport to a man who paid $2200 for two weeks. He used a credit card.

For more:  http://www.myfoxdfw.com/story/18597822/extensive-identity-theft-operation-exposed

Comments Off on Hospitality Industry Information Risks: Man Arrested In Texas Hotel Room At Center Of "Extensive Identity Theft Operation"

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , ,

by | May 22, 2012 · 6:12 am

Hospitality Industry Security Risks: Texas Hotel Guests Have Laptop And iPad Stolen From Room; GPS Tracking Feature Leads Police To Thieves

“…Police say hotel guests returned to their room to find their key card no longer worked. Once they had a new key, they discovered someone had stolen a laptop computer, wallet, a cell phone and the iPad from the room…”

Officers were able to track down an iPad stolen from a room at the Omni Bayfront Hotel to a home on the southside of town early Sunday morning.

The owner of the iPad used a tracking feature on the device to let officers know they could find the iPad at an address on High Meadow Drive. Police say when they arrived at the home they could see people inside and marijuana in plain view.

The people inside refused to answer the door for police at first, but someone inside did answer the victim’s phone when police called.

For more:  http://www.kristv.com/news/hotel-guests-help-track-down-theft-suspects/

Comments Off on Hospitality Industry Security Risks: Texas Hotel Guests Have Laptop And iPad Stolen From Room; GPS Tracking Feature Leads Police To Thieves

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Technology, Theft

Tagged as , , , , , ,