Category Archives: Theft

Hotel Industry Safety And Security Risks: Major Hotel Chain Testing “Smart Phone” Application For Keyless Room Entry Which Could Expose Hotel Guests To Potential Risks

“…not all properties are as security-conscious as others. “

At this point we don’t know if there will be would-be prowlers hopefully beeping at locked hotel room doors or how glitchy the system could be.

Hackers also target hotels not only because they give up the goods pretty easily, but on average it takes a hotel about five months to figure out they’ve been hacked.

So far, little is known about the Open Ways application, including its vulnerabilities

Also, hotels as a rule, are known as easy pickings for hackers looking to find credit card numbers and other forms of identification. Because many are independently owned and operated, not all hotels in the same chain will have the same amount of security. and how it works in relation to the hotel system.

For more:  http://industry.bnet.com/travel/10006366/smartphones-as-hotel-room-keys-not-so-fast/

Comments Off on Hotel Industry Safety And Security Risks: Major Hotel Chain Testing “Smart Phone” Application For Keyless Room Entry Which Could Expose Hotel Guests To Potential Risks

Filed under Crime, Insurance, Liability, Theft

Hotel Information And Data Security Risks: Costs To Hotels Can Be High If Guests Personal Information And Credit Card Data Are Stolen

“…class-action claims will be brought against hotels. These are particularly problematic because while the actual damages may be low, the cost of settling is very high…”

…basis for a claim can be negligence—hotel guests can argue that even when a hotel did not overstep its promises, it is liable to a guest for negligence by not taking adequate steps to protect information. That is going to be even more important as state and federal governments pass laws and adopt regulations that require companies to take affirmative steps to safeguard personal information; these laws and regulations will form a road map for potential plaintiffs.

as we see larger and larger breaches (such as the recently announced Wyndham breach), it’s likely that class-action claims will be brought against hotels. These are particularly problematic because while the actual damages may be low, the cost of settling is very high. Second, governmental agencies—particularly states’ attorneys general and the Federal Trade Commission—are increasingly active in monitoring and investigating breaches. Even where no damages are incurred, responding to investigations is a costly, time-consuming process. I am currently working on a response to an informal FTC investigation that recently topped 1,000 pages—and we’re about half way through.

For more:   http://www.hotelnewsnow.com/Articles.aspx?ArticleId=3364&ArticleType=35&PageType=News

Comments Off on Hotel Information And Data Security Risks: Costs To Hotels Can Be High If Guests Personal Information And Credit Card Data Are Stolen

Filed under Crime, Insurance, Liability, Theft

Hospitality Industry Liability Insurance: Hotels And Restaurants That Provide Valet Service Must Have Liability Insurance And Garage Keepers Legal Liability Coverage

Liability insurance and garage keepers legal liability insurance are two specifically different coverage’s.

In the news recently, a man used a valet on a lunch date with his wife. A man, pretending to be the valet, used his claim ticket to steal his wife’s brand new BMW...

Liability insurance provides protection for the parking company for their negligence should they injury or damage someone or someone else’s property (i.e. Bodily Injury and Property Damage Coverage).

This would be to a third party. Garage keepers legal liability insurance provides protection for the parking company for their negligence should they damage the customers vehicle in which they have taken into their care, custody and control.

For more:  http://www.valetpark.net/ins.html

2 Comments

Filed under Insurance, Liability, Theft

Hotel Industry Identity Theft Risks: Police Arrest Three At Oregon Hotel Who Used Fake ID’s And Stolen Credit Cards

“The name on the credit card, when they swiped it, didn’t come up on the display to match the id they had,” she said.

Hotel workers tried to verify the card with Visa, but they were unsuccessful.  Police arrested Patrick Marsden, Christopher Baker, and Arlene Goe for theft of services. Officers raided their room and seized credit cards, possible stolen property and equipment used to make fraudulent IDs.

Police arrested three identity theft suspects who rented a room at a downtown Portland hotel.

“For identity theft it’s pretty sophisticated,” said Detective Cheryl Waddell.

“Everyone denies ownership,” said Officer Clint Snodgrass.  “They say the stuff in the room is not theirs,” he added.

Detectives say the group also made purchases up and down the coast and at REI in the Pearl, all using fake id’s and fraudulent credit cards.

“They’ve gone pretty much exclusively digital,” said Waddell.

For more:   http://www.kgw.com/news/local/3-ID-suspects-arrested-at-Portland-hotel-94620904.html

Comments Off on Hotel Industry Identity Theft Risks: Police Arrest Three At Oregon Hotel Who Used Fake ID’s And Stolen Credit Cards

Filed under Crime, Insurance, Liability, Theft

Hospitality Industry Theft Risks: Hotel Surveillance Cameras And Guest “Identification” Procedures Are Best Deterrent To Property Theft

Gordon called the April 3 thefts at the Hampton Inns “very brazen, and quite frankly stupid,” given that the hotel lobbies have surveillance cameras.

In both cases, Gordon said, Cole checked in using a fake ID and paid in cash. Then he and Harrington left with flat-screens worth more than $1,000 each, Gordon said.

(From an AJC.com article)   Jonathan Cole and Brooke Harrington have been arrested by the Atlanta Police Department, Alpharetta police spokesman George Gordon said Friday.

Police were looking for Cole and Harrington after they hit two Hampton Inns in Alpharetta on a single Saturday. They also are wanted for similar thefts in Gwinnett County and the city of Norcross, Gordon told the AJC.

“We had been looking for them for a while … They hid out really well,” Gordon said. “This was a prolific crew traveling all over metro Atlanta area.”

http://www.ajc.com/news/atlanta/atlanta-police-nab-flat-522306.html

Comments Off on Hospitality Industry Theft Risks: Hotel Surveillance Cameras And Guest “Identification” Procedures Are Best Deterrent To Property Theft

Filed under Crime, Insurance, Liability, Theft, Training

Hotel Industry Safety: Guest Safety Will Always Be Compromised If Hotels Do Not Demand Physical Proof Of Identity

There is a conflict of interests between guest safety and guest satisfaction, which plagues the industry. By nature, hotels — especially five-star properties — are welcoming and discreet when a guest checks in. More rigorous identification procedures that require front-desk staff to demand additional personal information or physical proof of identity could jeopardise this.

(From a HotelierMiddleEast.com article)   Identifying hotel guests used to be a simple procedure; the receptionist had to match the name of the guest with the name on the reservation and then hand over the room key. But in today’s world of cyber crime, credit card fraud and identity theft, it is more important (and complicated) than ever to ensure that the person checking in to your hotel is really who they say they are.

In GCC countries, industry standards require hotels to upload data from the passport of every guest who is staying in the hotel on to a central government portal.

Two months ago, numerous individuals who were carrying false passports managed to enter the UAE, check into hotels using fake identities and fake credit cards, and then depart the country less than 24 hours later, after they allegedly assassinated Palestinian Hamas chief Mahmoud Al Mabhouh.

The events that took place at the Al Bustan Rotana Dubai in late January have still not been confirmed, but one thing is clear; a number of individuals managed to check into the hotel under assumed identities.

According to Al Bustan general manager Mohamad Haj Hassan, hotel staff followed standard protocol when several of the suspects checked in; taking a scan of their passports and a credit card swipe before handing them their room keys and wishing them an enjoyable stay.

http://www.hoteliermiddleeast.com/8056-whos-there/

Comments Off on Hotel Industry Safety: Guest Safety Will Always Be Compromised If Hotels Do Not Demand Physical Proof Of Identity

Filed under Crime, Liability, Theft, Training

Hospitality Industry Risk: Cybercrime Is Targeting Smaller Companies Who Need To Employ Security Packages

“We are in an arms race with sophisticated, high tech enemies who are now concentrating on smaller business bank accounts in addition to their continued efforts to steal from large corporations.” To combat the risk, Conner suggests that small businesses employ a “triple threat” security package that would include

• Authentication 

• Fraud detection  

• “Out-of-band transaction verification and signing for high-risk transactions”

(From a USAToday.com article)    Authentication and fraud detection intuitively make sense – these sorts of products look at your transaction, and transaction history, and check for suspicious activity. Conner explained that while Entrust already offers the first two types of protection, to better serve its customers, it is adding that third, necessary layer, of protection with a new product being launched this week.

 “IdentityGuard Mobile” is an app for your smartphone. When a potentially suspicious activity begins to hit your account, this product sends you a text of the transaction details and asks you to authenticate and approve it before the bank can approve it.

 With the challenges to small business coming from all sides – decreased lending, tighter budgets, wary consumers – the last thing we need is to take a financial hit due to cybercrime, so we must be vigilant. Keep your security patches up to date. Make sure you have a robust antivirus suite. Change your pass codes frequently. Use the triple threat.

  http://www.usatoday.com/money/smallbusiness/columnist/strauss/2010-04-18-cyber-threats_N.htm

Comments Off on Hospitality Industry Risk: Cybercrime Is Targeting Smaller Companies Who Need To Employ Security Packages

Filed under Crime, Liability, Theft, Training

Hospitality Industry Risk: “PCI Security Standards” Should Be Implemented By Hotels And Restaurants To Protect Customer Data

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

(From a PCIsecuritystandards.org posting)   The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

Ongoing development of the standard will provide for feedback from the Advisory Board and other participating organizations. All key stakeholders are encouraged to provide input, during the creation and review of proposed additions or modifications to the PCI DSS.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security

To further the adoption of the PCI DSS, the PCI Security Standards Council defines credentials and qualifications for QSAs and ASVs. The PCI Security Standards Council also manages a global training and certification program for QSAs and ASVs, and will publish a directory of certified providers on this Web site.

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

4 Comments

Filed under Crime, Liability, Theft, Training

Hotel Industry Theft: Criminals Target Small Hotel Flat-Screen TV’s To Steal

Alpharetta police said the thieves, a man and a woman, will rent a room to steal the televisions. They pay with cash and use a fraudulent driver’s license for identification.

(From a CBSAtlanta.com article)   A couple is stealing flat screen televisions from Alpharetta hotels, police said Thursday.

“It’s very frustrating because we put a lot of money and energy into the hotel, and somebody just checks in and decides to take it,” said Tracey Cox.

Cox is the manager of a Hampton Inn in Alpharetta that had two flat screens stolen this past weekend.

Alpharetta police said the thieves, a man and a woman, will rent a room to steal the televisions. They pay with cash and use a fraudulent driver’s license for identification.

Just hours before Cox’s hotel was hit, the thieves targeted another Hampton Inn in Alpharetta stealing three televisions. Alpharetta police said they’re also investigating if the couple is responsible for similar burglaries in other area cities.

The man and woman’s images were clearly captured on hotel surveillance cameras. Police have identified the woman and are looking for her. However, they’re asking for the public’s help identifying and locating the man.

“We want to prevent this from happening at other hotels, and we want to get the bad guy, because that’s a crime,” said Cox.

http://www.cbsatlanta.com/news/23090169/detail.html

Comments Off on Hotel Industry Theft: Criminals Target Small Hotel Flat-Screen TV’s To Steal

Filed under Crime, Liability, Theft

Hotel Cybercrime: Debit Cards Do Not Offer Same Protections As Credit Cards If Account Information Is Stolen

Jacque Tiegs of Clair Shores, Mich., had a similar experience a few years ago. She used her debit card at a hotel in Milwaukee for incidental charges and found out on her next month’s bank statement that someone had run up a $3,500 bill at another hotel of the same brand in Chicago. Her bank couldn’t (or wouldn’t) solve the problem, and the hotel claimed she had run up the charges. Only by threatening to go to the police and offering proof that she had been out of town on a work assignment was she able to get the charges reversed.

(From a WalletPop.com article)   Don’t think that the same protections you get from your credit card apply to your debit card. If someone steals your credit card number and runs up a big bill, you won’t be responsible for the fraudulent charges — at least not until the card company completes its investigation and probably not at all if they find evidence of fraud. But if someone steals your debit card information and starts charging away, you’re on the hook. The money comes straight out of your bank account. Not only are they your funds — with no one there to cover for you — but getting the money back can be a huge hassle that can easily take a month, if not more, to resolve.

Even if your money is only locked up temporarily, as Greg Meyer’s was, it can still be devastating, especially if you don’t have a large balance to tide you over. Not only that, but if the hold is greater than your balance, it can trip an overdraft protection and subsequent transactions can be denied or add to your overdraft woes.

So how do you protect yourself – and your debit card? “Be alert when there’s an opportunity for so-called ‘skimming’ or where people can look over your shoulder to track your PIN number,” says Tim Lukens, a senior vice president at Affinion Security Center, a company that makes anti-cybercrime software for big banks. Also, think twice before using your debit card at a restaurant, where you don’t actually see the server swiping it, or at gas stations, where surveillance cameras can record you keying in your PIN.

http://www.walletpop.com/blog/2010/03/31/debit-card-disasters-what-to-do-when-you-get-burned/

Comments Off on Hotel Cybercrime: Debit Cards Do Not Offer Same Protections As Credit Cards If Account Information Is Stolen

Filed under Crime, Liability, Theft