Tag Archives: Identity Theft

Hospitality Industry Information Risks: Man Arrested In Texas Hotel Room At Center Of "Extensive Identity Theft Operation"

“…(He) is charged with the possession of marijuana and meth. But inside his hotel room at the Hyatt Regency in Dallas police found 400 to 500 credit cards, debit cards, gift cards and social security numbers. There was evidence of personal information involving a federal agency lifted from registration forms from a conference hosted by a North Texas hotel…”

A California man with North Texas ties is behind bars for drug possession. He was also in a downtown Dallas hotel room that appeared to be the center of an extensive identity theft operation. On Monday Dallas police arrested 26-year-old Justin Bennett. His last known address is in Los Angeles but records show he used to live in Rockwall.

Police also confiscated three laptops, a printer and a credit card embossing machine.

Sources said whoever is behind the identity theft operation appears to be taking existing credit card numbers and putting different names on them. It would never have been discovered except for a clever car rental company.

On Sunday the rental company out of Oklahoma rented a white SUV from its satellite office near the airport to a man who paid $2200 for two weeks. He used a credit card.

For more:  http://www.myfoxdfw.com/story/18597822/extensive-identity-theft-operation-exposed

Comments Off on Hospitality Industry Information Risks: Man Arrested In Texas Hotel Room At Center Of "Extensive Identity Theft Operation"

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Hospitality Industry Information Technology Risks: Hotel And Restaurant "POS Systems" Are The #1 Target Of Criminal Data Breaches

If a criminal can breach a system in the restaurant, they also have access to the front desk, the spa and any other connected system. The risk is even greater when hotels are part of a hotel chain with interconnected systems.

Franchise businesses are particularly at risk primarily because franchises tend to have the same POS system duplicated at all locations. If a cybercriminal can figure out a way to breach one, in all likelihood, they can replicate the attack at other locations.

In 2011, Trustwave SpiderLabs conducted 42 percent more data breach investigations than in the previous year. More than 85 percent of these data breaches occurred in the food and beverage, retail and hospitality industries.

Why the focus on these industries? There are several reasons, but the number one is that they all process credit cards. In our investigations, we found that the vast majority of assets targeted by criminals were point-of-sale software systems (75 percent of cases). Think of the scenario of a hotel that maintains a restaurant, a spa, as well as other services all connected to one POS system.  We’ve investigated cases where the criminal breaches the environment at one location and was in turn able to connect todozens of others through the wide area network used by the hotel chain.

For more:  http://www.forbes.com/sites/ciocentral/2012/04/11/restaurants-beware-hackers-want-your-customer-data/

2 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Information Technology Risks: Hotel And Restaurant "POS Systems" Are The #1 Target Of Criminal Data Breaches

If a criminal can breach a system in the restaurant, they also have access to the front desk, the spa and any other connected system. The risk is even greater when hotels are part of a hotel chain with interconnected systems.

Franchise businesses are particularly at risk primarily because franchises tend to have the same POS system duplicated at all locations. If a cybercriminal can figure out a way to breach one, in all likelihood, they can replicate the attack at other locations.

In 2011, Trustwave SpiderLabs conducted 42 percent more data breach investigations than in the previous year. More than 85 percent of these data breaches occurred in the food and beverage, retail and hospitality industries.

Why the focus on these industries? There are several reasons, but the number one is that they all process credit cards. In our investigations, we found that the vast majority of assets targeted by criminals were point-of-sale software systems (75 percent of cases). Think of the scenario of a hotel that maintains a restaurant, a spa, as well as other services all connected to one POS system.  We’ve investigated cases where the criminal breaches the environment at one location and was in turn able to connect todozens of others through the wide area network used by the hotel chain.

For more:  http://www.forbes.com/sites/ciocentral/2012/04/11/restaurants-beware-hackers-want-your-customer-data/

2 Comments

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Crime Risks: "Large Identity Theft Operation" Uncovered At California Hotel After Manager Suspected Drug Sales

“…Deputies found fake credit and identification cards as well as computers, printers and software used to make false identification..Deputies also found credit card readers and small cameras that allowed criminals to capture credit card information and PIN numbers. Prepaid credit cards embossed with stolen information which could then be used at businesses were located..”

Sheriff’s deputies broke up a large identity theft operation this past weekend while investigating a report of drug dealing at a hotel room. Investigators contend the material found Sunday at Four Points by Sheraton at 11960 Foothill Blvd. was created using stolen information from card readers or skimmers, Rouse said.

The group allegedly started in Northern California and “have been working their way around,” he said.

On Sunday, a hotel manager called the Sheriff’s Department to report someone was selling drugs in one of the rooms.

Deputies discovered various items indicating Jeffery Wilkinson, 35, Barbara Brown, 32, and Shahin Abdollahi, 46, were involved in a large-scale identity theft ring, sheriff’s Sgt. Ken Jamieson said.

Wilkinson had an arrest warrant and was in the possession of drugs.

For more:  http://www.contracostatimes.com/california/ci_20355205/rancho-cucamonga-id-theft-ring-uncovered

Comments Off on Hospitality Industry Crime Risks: "Large Identity Theft Operation" Uncovered At California Hotel After Manager Suspected Drug Sales

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Theft

Hospitality Industry Crime Risks: "Large Identity Theft Operation" Uncovered At California Hotel After Manager Suspected Drug Sales

“…Deputies found fake credit and identification cards as well as computers, printers and software used to make false identification..Deputies also found credit card readers and small cameras that allowed criminals to capture credit card information and PIN numbers. Prepaid credit cards embossed with stolen information which could then be used at businesses were located..”

Sheriff’s deputies broke up a large identity theft operation this past weekend while investigating a report of drug dealing at a hotel room. Investigators contend the material found Sunday at Four Points by Sheraton at 11960 Foothill Blvd. was created using stolen information from card readers or skimmers, Rouse said.

The group allegedly started in Northern California and “have been working their way around,” he said.

On Sunday, a hotel manager called the Sheriff’s Department to report someone was selling drugs in one of the rooms.

Deputies discovered various items indicating Jeffery Wilkinson, 35, Barbara Brown, 32, and Shahin Abdollahi, 46, were involved in a large-scale identity theft ring, sheriff’s Sgt. Ken Jamieson said.

Wilkinson had an arrest warrant and was in the possession of drugs.

For more:  http://www.contracostatimes.com/california/ci_20355205/rancho-cucamonga-id-theft-ring-uncovered

Comments Off on Hospitality Industry Crime Risks: "Large Identity Theft Operation" Uncovered At California Hotel After Manager Suspected Drug Sales

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Theft

Hospitality Industry Employee Risks: Alabama Hotel Clerk, With Prior Arrest Record, Arrested For Stealing Guest Credit Card Informatiom

Rains says Niles got the guests information from the hotels computer database and used it for more than just their rooms.

A Mobile hotel clerk is behind bars. The Mobile Police Department says he was doing more than checking guests in, he was using their credit card information.

“While working as a front desk clerk at a local hotel he actually stole credit card information from one victim who had previously stayed at the hotel,” said Rains.

“He used this information to book hotels for him and his friends and we were actually able to catch him,” said Rains.

This wasn’t Niles first time. He has been arrested several times for charges like identity theft and possession of a forged instrument.

“He was on probation for the same crimes when he committed these,” said Rains.

Police say Niles charged a significant amount of money. Thankfully the victim was monitoring the transactions.

“As a safeguard just to make sure that your credit cards aren’t being used fraudulently the best thing you can do is check your accounts and alert your credit card provider if you’d see anything fraudulent,” said Rains.

For more:  http://www.fox10tv.com/dpp/news/local_news/mobile_county/mpd-hotel-clerk-using-guest-credit-card

Comments Off on Hospitality Industry Employee Risks: Alabama Hotel Clerk, With Prior Arrest Record, Arrested For Stealing Guest Credit Card Informatiom

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Theft

Hospitality Industry Employee Risks: Texas Hotel Uses Video Cameras To Identify Housekeeper Who Used "Portable Electronic Skimmer" To "Steal Guest Credit Card Numbers"

“…a number of guests who suspected someone had entered their rooms and stolen their credit card information, even though they were still in possession of their credit cards. Charges usually were applied to the credit cards several days after the guests had departed the hotel…”

“…While monitoring the hidden camera’s video feed real-time from the hotel security office, Jose Ramirez observed Margarita Fernandez Abreu remove a small device from her pants pocket and then slide approximately three of the debit cards through the device…”

The Stephen F Austin set up an elaborate ruse to trick a hotel maid into revealing she had stolen the credit and debit card numbers of hotel guests.

 Possible suspects in the case were narrowed down to maid Margarita Abreu, the only employee who had entered the room with an electronic key card. Knowing that, the hotel managers set up a hotel room that appeared to be occupied but wasn’t. A hidden camera was placed in the room that focused on the coffee table and debit cards.

 “Margarita also looked through the purse that was on the table as well. Margarita then concealed the device back in her pocket and continued cleaning the room.” After two detectives viewed the video and identified the object as a “card skimmer” that captured and saved the data. That data could be later downloaded and re-encoded to create “clone” credit cards.

Abreu was arrested on charges of credit card abuse, a state jail felony. Her bail was set at $15,000.

For more:  http://www.kxan.com/dpp/news/crime/video-shows-credit-card-theft

Comments Off on Hospitality Industry Employee Risks: Texas Hotel Uses Video Cameras To Identify Housekeeper Who Used "Portable Electronic Skimmer" To "Steal Guest Credit Card Numbers"

Filed under Crime, Guest Issues, Labor Issues, Maintenance, Management And Ownership, Risk Management, Technology, Theft

Hospitality Industry Cyber Crime: Washington Hotel Room Used By "Identity Theft" Ring Exposed By Credit Card Company Alerting Card Owner Of Hotel Room Booked At Hotel

“…The man’s credit-card company had alerted him that someone using his card had booked a room there…”

“…Police say the search turned up cell phones, lap top computers, computer hard drives, iPod touches, electronic storage devices, magnetic card readers, routers, hotspots and computer peripherals…”

Police have arrested two men and say a search has turned up evidence that there may be more victims of identity theft. Police say they have yet to determine how many vicitms there might be.

Just after noon on Tuesday, East Precinct patrol officers met a man in the lobby of the Silver Cloud Hotel in the 1100 block of Broadway. Officers went to the room and found two men.

In the room, they saw several cell phones, laptops, a WiFi hotspot, router and papers with credit-card numbers.

Detectives with the fraud, forgery and financial explotation unit got a warrant to search the room and the suspects’ vehicle.

For more:  http://www.seattlepi.com/local/article/Seattle-cops-may-have-busted-identity-theft-ring-2239352.php

Comments Off on Hospitality Industry Cyber Crime: Washington Hotel Room Used By "Identity Theft" Ring Exposed By Credit Card Company Alerting Card Owner Of Hotel Room Booked At Hotel

Filed under Crime, Guest Issues, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hotel Industry Information Security Risks: California Hotel Employees Union Files Suit Over Identification Cards "Encoded With Social Security Numbers"

Disney hotel union members submitted Tuesday a petition with about 1,400 signatures to managers, seeking changes to their employee cards that they say would protect them against identity theft.

Unite Here Local 11, the union that represents about 2,100 hotel workers, is fighting to change identification cards that have encoded Social Security numbers, which can be read by smartphone apps and other devices.

Already last month, the union filed a federal class action lawsuit, claiming that the cards violate state law. Union members collected signatures to emphasize that the majority of hotel workers want an immediate change to their ID cards, rather than a few listed on the lawsuit. Leigh Shelton, a union spokeswoman, said some other unions also are supporting the cause, but they did not participate in this petition.

About 20 workers took their petition to the Disney administration building in Anaheim on Tuesday morning.

“This is a very serious problem that we hope they resolve immediately,” said Eddie Chavez, a union organizer and Disneyland Hotel bellman.

For more:  http://www.ocregister.com/news/-293152–.html

Comments Off on Hotel Industry Information Security Risks: California Hotel Employees Union Files Suit Over Identification Cards "Encoded With Social Security Numbers"

Filed under Labor Issues, Liability, Management And Ownership, Technology, Theft

Hotel Industry Credit Card Security: "Cyber Criminals" Steal Credit Card Data On Hotel Computer Systems That Lack Critical Firewalls

Cyber criminals are systematically attacking systems that store credit card data, including Point-of-Sale and Property Management Systems. The criminal organizations are highly structured and integrated with the world’s organized crime rings.

Detailed forensic analysis by law enforcement agencies and specialized private-sector security practices, as well as by security departments at major hotel groups around the world, leave little doubt that the attacks on hotels are highly targeted and effective.

Many hoteliers believe they are not vulnerable because they use Point-of-Sale and Property Management Systems that have been validated as conforming to the latest PCI security standards. Unfortunately this is far from the case. Even such validated systems can be vulnerable if the hotel operates them in an unsecured manner. Leading forensics firms agree that the most important security measures are those that keep cyber criminals from getting inside the hotel network in the first place. Once inside, there are many ways for them to steal the data, even if the PMS or POS system itself is secure.

  • Eliminate EVERY default password on EVERY machine on your network – server, workstation, router, firewall, and any other device that has a password. The most important machines to check are the ones you think are NOT vulnerable, such as a PC on an engineer’s desk for monitoring building systems, or the PC in the parking garage attendant’s office, or the one in a closet running your keycard system.
  • Eliminate holes in remote access to systems inside your network. Remote access by vendors is an essential part of support for many hotel systems. The data thieves know this, and they know how to use it to get inside your network. They know all the default passwords, and they have even been known to steal master customer lists, complete with current passwords, from vendors.
  • If you were to store stacks of money in plain sight in an exit stairwell, you would expect to be robbed. Operating without an Internet firewall is just as risky. Yet many hotels, especially smaller ones, don’t have a firewall. If you are connected to the Internet without one, then people you don’t know, from around the world and many with malicious intent, are reaching into your network.

For more:  http://www.traveldailynews.com/pages/show_page/42199-Hotel-associations-issue-joint-statement-on-credit-card-security

Comments Off on Hotel Industry Credit Card Security: "Cyber Criminals" Steal Credit Card Data On Hotel Computer Systems That Lack Critical Firewalls

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft