There can be significant data-security risks for those who take advantage of using the Internet in hotels and resorts around the world.
Most large hotels use a third-party provider to deliver wifi to hotel guests, which means the hotel may not have double-checked that it is using a network that meets current standards for online security and privacy.
But surely hotels are smart enough to choose a good wifi vendor, right? Surely hotels don’t make egregious computer errors and put their guests’ identities and credit details at risk, right?
It turns out that hotel network security is filled with gaping security holes – something to consider the next time you hand over your credit card to the front desk or choose to access the Internet from “the safety” of your hotel room.
Indeed, Cornell University’s School of Hotel Administration tested 147 U.S. hotels and found that a majority of the hotels do not use all available tools to maintain network security.
One of the study’s authors, Erica L. Wagner, assistant professor of information systems at the Hotel School, pointed out that “guests’ data transmissions are often at risk when they use a hotel’s network.”
Research from the American Hotel & Lodging Association suggests that 55% of credit-card fraud comes from the hospitality industry.
Last year, for example, a hacker cracked the computer systems at Wyndham Hotels and Resorts. The hacker gained access to customers’ credit cards used at the hotels from early November 2009 through late January 2010. The Westin Bonaventure Hotel & Suites in Los Angeles disclosed a computer breach at four hotel restaurants and valet parking operations.
In 2009, the Radisson Hotels chain revealed that hotel guests’ credit cards were accessed due to a breach of the hotel’s computer systems. The scary thing is that Radisson didn’t even realize the attack had taken place until it was contacted by several credit card companies and card processors due to a pattern of suspicious behaviors.
In a statement, the company pointed out that “the fact that someone may have had access to personal information does not mean that you are a victim of identity theft, or that the personal information will be used to commit fraud. We wanted to let you know about the incident so that you can take appropriate steps to protect yourself, such as by reviewing your account statements and credit report closely for unauthorized activity, and reporting any unauthorized activity to your credit card company. You may also wish to consider placing a fraud alert or security freeze on your credit files.”
One of the safest steps to take when you want to use the Internet while staying at a hotel is to use a virtual private network (VPN), since using a VPN like PRIVATE WiFi™ protects you online. Simply put, a VPN encrypts the data at one end and decrypts it on the other. This protects hackers from intercepting your communications in a wifi hotspot.
Other security steps include using your own dedicated wifi service any time you travel. Never connect to an unknown wifi network. Turn off your device or disable your wifi connection when you plan to leave the hotel room or go to sleep. Finally, always practice good computer security measures like updating antivirus and antimalware.
Short of paying with cold, hard cash for your hotel stay, you will probably have to hand over your credit card at some point. Be sure to check your statement carefully after you return home for any pattern of suspicious charges, since it’s now obvious many large hotel chains are susceptible to major network security breaches.
Have you ever felt as though your personal accounts were compromised after staying at a hotel or using its wifi?
While it may seem difficult to prove entirely, since you may not have noticed something strange until well after you had returned home, what were the tell-tale signs? Did you contact the hotel management to complain?