“…criminal hackers gravitate to some hotels because, like retail stores and restaurants, hotels do many credit card transactions at a local level, where centralized and highly sophisticated data security safeguards may be lacking…Most hotels are locally owned, though managed by big hotel chain companies. For hotel owners, it is expensive to come into full compliance with the tough global data security criteria set by the credit card companies…That includes using complex passwords, being wary of public Wi-Fi, updating antivirus software â€” and checking credit card statements carefully…”
“…In the United States, credit cards use magnetic strips that are more vulnerable to hacking than the electronic chips embedded in credit cards in Europe and elsewhere. Such cards also require entry of a PIN…these so-called chip-and-PIN cards are headed our way, said Kathy Orner, vice president for information security at Carlson Rezidor, a worldwide hotel company that is among the industry leaders in data security…all of the major credit card issuers plan to start introducing these cards in the United States within two or three years…”
In its 2013 Global Security Report, Trustwave, a data security management firm, says that the top three industries targeted for data breach attacks in 2012, measured by the number of its investigations, were retailing (45 percent), food and beverage (24 percent) and hotels (9 percent). Three years ago, the hotel industry was at the top, but hotels have since made â€œsignificant stridesâ€ in improving credit card security measures, the report says.
Last year, for example, the Federal Trade Commission sued Wyndham Worldwide, the hotel chain, for what it said was inadequate safeguarding of credit card information that led to three data breaches at hotels in under two years, with â€œmillions of dollars in fraud loss, and the export of hundreds of thousands of consumersâ€™ payment card account information to an Internet domain address registered in Russia.â€
The threat is constant, Mr. Roman said. â€œThe best protection is vigilance, and that takes work,â€ he said.