Tag Archives: Guest Information

Hospitality Industry Theft Risks: Man Arrested For Using Fraudulent Credit Card Information At California Hotels; Police Seize $32,000 Worth Of Cashier's Checks

“…(the man) was arrested on suspicion of using fraudulent credit card information at hotels and resorts in Laguna Beach, Costa Mesa and Dana Point…between Feb. 15 and April 12…”

“…it was common for Larson to give his hotel room to someone else before the end of his stay and move on to another hotel…”

Harold Eric Larson, 36, of Orange was arrested April 12 at the Costa Mesa Marriott, where detectives seized documents, hotel booking information and $32,000 worth of cashier’s checks from 39 different accounts.

Larson is facing charges of burglary, identity theft, grand theft and credit card fraud, said Laguna Beach police Sgt. Robert Rahaeuser.

According to court records, Larson pleaded not guilty Monday to 20 felony counts.

Laguna police first got a tip March 2 that Larson was committing fraud at a Laguna resort.

For more:  http://www.dailypilot.com/tn-cpt-0420-larson-20120417,0,413551.story

Comments Off on Hospitality Industry Theft Risks: Man Arrested For Using Fraudulent Credit Card Information At California Hotels; Police Seize $32,000 Worth Of Cashier's Checks

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Theft

Hospitality Industry Information Risks: "Specialized Cyber-Risk Insurance" Is Important In Providing "Security Liability" And "Privacy Liability" Coverage

A specialized cyber-risk insurance policy is necessary. Coverage would not usually be triggered under a commercial general liability policy–many of which also have exclusions. Importantly, property-damage policies typically do not acknowledge “data” as property.

“Cyber liability” is essentially comprised of two defined risks:

  • Security Liability: the unauthorized access and/or use of a network. Employees or others with access to the network can misappropriate identity information, business secrets, transmit malicious codes, and undertake a denial of service attack against your network or other networks.
  • Privacy Liability: the breach of personal data protection laws that allow individuals to control the collection, access, transmission, use, and accuracy of their personal information.

The available policy coverage options start with General Internet Crime Liability. This addresses the first and third party risks associated with e-business, the Internet, networks and informational assets.

However, it is critical to review your business activities to ensure appropriate coverage. To this needs to be added appropriate Property, Directors and Officers, Business Interruption and Fidelity wordings. For those businesses offering software and services susceptible to outage or malfunction associated with a cyber-attack, Electronic Errors and Omissions coverage should also be obtained.

For more:  http://www.pcworld.com/businesscenter/article/252126/can_insurance_cover_cybercrime_damages_at_your_business.html

Comments Off on Hospitality Industry Information Risks: "Specialized Cyber-Risk Insurance" Is Important In Providing "Security Liability" And "Privacy Liability" Coverage

Filed under Crime, Guest Issues, Insurance, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Theft

Hospitality Industry Information Risks: Hotel's Store "Enormous Amounts Of Data" That Is Never Used; 100% At Risk And 0% Value

“…companies can go a long way toward reducing their exposure to significant losses resulting from a security breach by putting themselves on a “data diet…There is an enormous amount of information that we never use, but we never get rid of. It’s 100% risk and 0% value. As a risk manager, that’s the scariest equation you’re ever going to hear…”

While there is no way for companies to completely eliminate the risk of data breaches and cyber attacks, there are several steps they can take to reduce their potential financial and reputational losses, a panel of experts said Thursday at the third annual Business Insurance Risk Management Summit®in New York.

“The fact is that you’re going to be attacked. That’s the reality,” said Alan Brill, senior managing director of secure information services for New York-based Kroll Inc. A well-crafted cyber risk management program need not be wildly expensive or complex, Mr Kroll said, but should at least strive for “commercially reasonable levels” based on company size and industry.

For more:  http://www.businessinsurance.com/article/20120229/NEWS06/120229881?tags=|338|299|302|342|303|335

Comments Off on Hospitality Industry Information Risks: Hotel's Store "Enormous Amounts Of Data" That Is Never Used; 100% At Risk And 0% Value

Filed under Guest Issues, Insurance, Labor Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Information Security: Study Finds Hotels Are "Prime Targets" For Financial Data Theft; "Infiltration Of Smartphones Through Bluetooth Technology"

“…Hotels also are prime targets for people looking to steal financial data. In a study of 200 data-breach cases, Trustwave’s SpiderLabs, the online security company’s research arm, found 38 percent occurred at hotels or resorts…”

Two key challenges for travelers involve the use of unsecured wireless networks at hotels, airports and other public venues and the infiltration of smartphones through Bluetooth technology.

Identity theft can be a rude awakening for many business travelers. Last year, identity theft made up 19 percent of the 1.3 million complaints stored in the Consumer Sentinel Network, a secure online database available to law-enforcement agencies.

Experts say business travelers are especially vulnerable because they increasingly rely on electronic devices that easily can be lost or hacked. Credant Technologies, a data-protection company, found that travelers have lost 11,000 mobile devices at the busiest U.S. airports this year, 37.5 percent of them laptops and 37.2 percent tablets or smartphones.

“You are 15 times more likely to have your identity stolen than to have your car broken into,” said Todd Davis, chairman and CEO of LifeLock, an identity-theft protection company.

For more:  http://www.delawareonline.com/article/20111218/BUSINESS/112180321/Identity-theft-risk-increases-when-traveling?odyssey=mod%7Cnewswell%7Ctext%7CBusiness%7Cs

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Information Security: New York Hotel Employee Charged With "Stealing 237 Guest Credit Card Accounts" Totaling Over $800,000 In Fraudulent Purchases

“…A New York City hotel chain auditor has been charged with stealing hundreds of guests’ credit card information and selling it to a man accused of using it to buy $840,000 worth of airline tickets and other items…”

Lukasz Kruk and Barry Herndon pleaded not guilty to grand larceny, identity theft and other charges Friday. The Manhattan district attorney’s office says 237 accounts were compromised over three years.

Prosecutors say Kruk was an auditor for the Amsterdam Hospitality Group and had access to guests’ credit card data. They say Herndon bought tickets for himself and other people with information Kruk took.

Amsterdam Hospitality Group runs eight boutique hotels in New York City, Asbury Park, N.J., and Charlotte, N.C. Its representatives haven’t responded to a request for comment.

For more:  http://www.businessweek.com/ap/financialnews/D9QQ75581.htm

 

Comments Off on Hospitality Industry Information Security: New York Hotel Employee Charged With "Stealing 237 Guest Credit Card Accounts" Totaling Over $800,000 In Fraudulent Purchases

Filed under Crime, Guest Issues, Insurance, Labor Issues, Liability, Management And Ownership, Privacy, Risk Management, Theft

Hospitality Industry Guest Information Risks: Hotels Are Collecting More Personal Information On Guests And Protecting "Personally Identifiable Information" Is Top Priority

“…ensuring the security of this data is so important that it’s consuming hotel IT departments’ attention right now, said Josh Weiss, Hilton Worldwide’s VP of brand and guest technology…”

 “…The stakes involved in protecting “personally identifiable information” (data that can be used to uniquely identify, contact or locate a single person) are far higher with this personal information than with credit-card information…”

As hotels collect more personal information about guests and the Epsilon and Sony data breaches earlier this year shook people’s confidence in corporate data protection, hotel guests are increasingly asking hotels how well they’re securing their personal information, Mark McBeth, Starwood Hotels’ VP of information technology, said during a recent conference.

IT execs from Starwood and also Hilton and owner/operator White Lodging said they’re responding by making guest-data security their No. 1 priority. “PII is considered high-risk because if there were to be a breach, you’re exposing the guest’s identity,” he said. “It paints some pretty scary pictures.”

A “PII” breach could potentially lead to child abduction or a murder if information falls into the wrong hands, he said.

For more:  http://travel.usatoday.com/hotels/post/2011/10/starwood-hilton-work-to-protect-personally-identifiable-information/553616/1

Comments Off on Hospitality Industry Guest Information Risks: Hotels Are Collecting More Personal Information On Guests And Protecting "Personally Identifiable Information" Is Top Priority

Filed under Crime, Guest Issues, Insurance, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

 “Every major hotel company is working to get as many of their systems as possible out of the scope of the Payment Card Industry Data Security Standards (PCI-DSS)…Most of these companies have focused on solutions based on tokenization, and many have implemented them or are in the process of doing so.”

Tokenization is a process whereby sensitive card data is stored in a single secure location, which may be operated by a hotel brand, a payment gateway or another third party, and replaced in hotel systems by substitute “tokens.”  The tokens can be used to complete the transaction, but are useless if intercepted electronically by a thief. 

Top hotel security executives met several times to discuss this problem as the HTNG Secure Payments Framework effort took shape during August and early September.  Early discussions indicated a broad agreement that a single industry framework is needed, and that the framework needs to work with existing security approaches in place at major hotel companies and in commonly used systems.  There was also agreement on the key elements needed for the industry framework.  The group intends to document this framework conceptually in a white paper that will form the basis for subsequent standards development.

  This new effort will leverage hotel companies’ prior investment in tokenization efforts, adding a layer of security that will enable those solutions to be extended to unrelated parties that may be involved in transactions, such as online travel agencies, global distribution systems, switches, channel management systems, central reservation systems, management companies, independent hotels, payment gateways, swipe devices, and other parties.  “The approach is intended to enable the tokenization of card data by the first system that touches the reservation,” said Rice.  “The sensitive data will remain stored in a secure vault, and all of the other systems will simply pass along the token in place of the credit card.  The hotel itself can then submit the token to its token provider or gateway to complete the card transaction.  The card data itself need never touch a hotel system.”

For more:  http://www.hotelnewsresource.com/article58324.html

Comments Off on Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

Filed under Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Hospitality Industry Marketing Risks: Hotels Are Increasingly Reacting To "Negative" Postings On Social Media Sites As Guests Go "Online" Rather Than To Management

Social media has empowered consumers, forcing companies to be more transparent and responsive. That’s a good thing. But hotels have always been responsive, if not transparent. Lodging a complaint is as simple as marching up to the front desk.

So why is it that some guests, upon encountering an issue, log on to Twitter or Facebook and bring it to the attention of their entire social graph instead of to the one person who can fix it the problem: the manager?

  • Monitor review sites and social networks closely. Even if you aren’t active on them many of your guests likely are.
  • Respond quickly to all feedback, positive or negative.
  • If comments are negative, attempt to take it offline.
  • When responding to negative reviews and commentary, always thank, apologize, explain, invite back and follow-up. No excuses, and no bribes.
  • If guests are still on property, don’t let them leave until you’ve won them over. Convert twerrorists into twadvocates, so to speak.
  • If comments are offensive, abusive or repetitive, you have the option of ignoring them. Tweets have the shelf life of tuna sushi in the desert sun; Facebook wall posts can be deleted. Sanitize, but don’t censor.
  • A social media policy and guidelines will help minimize risks and prepare you to act swiftly to minimize fallout.
  • The more helpful and engaged employees are with guests the more likely guests will be to bring issues to their attention before logging on to Facebook.

For more:  http://www.htrends.com/researcharticle58059.html

Comments Off on Hospitality Industry Marketing Risks: Hotels Are Increasingly Reacting To "Negative" Postings On Social Media Sites As Guests Go "Online" Rather Than To Management

Filed under Guest Issues, Management And Ownership, Risk Management, Technology, Training

Hospitality Industry Cybercrime Risks: Hotel Management Should Have Policies "Disclosing Risks Of Hotel Computer And Wireless Internet Usage"

“…According to a report from antivirus software manufacturer Norton, global cybercrime has claimed 431 million adult victims in the past year, costing countries $114 billion in direct financial losses. That figure jumps to $388 billion when you factor in the value that victims place on the time they spent recouping the losses…”

Last year, in the U.S. specifically, more than 74 million people were victims of some form of cybercrime, leading to $32 billion in direct financial losses.

  • Recognize that your smartphone is really a pocket-size computer and is prone to the same types of attacks directed at your laptop and desktop. Take steps to protect it, such as keeping your operating system current and creating a strong password.
  • Keep your personal information to yourself. For instance, don’t put your entire birth date, including the year, on Facebook. Think about the security questions normally posed by your bank and other secure locations: “first school you attended,” “name of favorite pet” and the like. Are your answers on display online?
  • Know the pitfalls of public Wi-Fi. CreditCards.com says, “Avoid public wireless Internet connections unless you have beefed-up security protection.”
  • Beware of public computers, too. For instance, Kiplinger says, “Don’t access your accounts or personal information on public hotel computers, which could have software that logs keystrokes and records your passwords and account numbers.”
  • Use credit cards, rather than debit cards, when making purchases online. In case of fraud, you’ll get much better protection from liability with a credit card.

For more:  http://money.msn.com/identity-theft/article.aspx?post=6730f6ce-5203-4b59-bd46-f65a7a3545c2

Comments Off on Hospitality Industry Cybercrime Risks: Hotel Management Should Have Policies "Disclosing Risks Of Hotel Computer And Wireless Internet Usage"

Filed under Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Information Security: Hotels And Resorts Are Targeted For Cyber Attacks Because Of Faulty "Data Collection Practices"

“…The report said the largest share of cyber attacks — 38% — were aimed at hotels, resorts and tour companies…”

“… large hotel chains are most vulnerable because hotel management companies may not be able to monitor how data is collected and stored at dozens or even hundreds of properties throughout the world. Independent contractors who work for individual hotels can also open the door to hackers and computer viruses…”

A business traveler who books hotel rooms via the Internet, may be at higher risk of being victimized by computer hackers and identity thieves.

Insurance claims for data theft worldwide jumped 56% last year, with a bigger number of those attacks targeting the hospitality industry, according to a new report by Willis Group Holdings, a British insurance firm.

That could spell trouble for business travelers who submit credit card numbers and other personal information to hotel websites, said Laurie Fraser, global markets leisure practice leader for Willis.

For more:  http://www.latimes.com/business/la-fi-travel-briefcase-20110815,0,65581.story

Comments Off on Hospitality Industry Information Security: Hotels And Resorts Are Targeted For Cyber Attacks Because Of Faulty "Data Collection Practices"

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft