Lax Information Security Makes Hotels Low Hanging Fruit for Hackers


Let’s face it, hackers love hotels.  And not because they want to get away from it all and sip margaritas by the pool. The huge volume of personal information collected, transmitted and stored by the hospitality industry has made it a prime target for cybercrime, according to a report by Willis Group Holdings, a global insurance broker.

As the hospitality industry pushes its customers to do more of their business online, it’s opened the door to cybercrime. Hotel customer data equals cash to hackers because it can be stolen in large quantities and used to commit identity theft.  That’s why it’s not surprising that in 2011, Willis found that 38% of all cyber attacks were aimed at hotels, resorts and tour companies during the previous year. That’s more data breaches than in any other market sector. One of the biggest risks is to travelers who submit credit card information and other personal information to hotel websites.


Why Hotels Are Magnets for Cybercrime

Why are hotels so vulnerable to data breaches? Because, unlike many other industries which routinely purge customer data, hotels hold on to it longer for reservations and customer loyalty programs. And history has shown that the hotel industry doesn’t have the best track record for implementing up-to-date information security procedures.

Hotel databases are a treasure trove of customer information for hackers. They hold guests’ home address, credit and debit card information, driver’s license numbers and passport numbers, as well as their travel plans. That makes them one-stop shopping for identity thieves.

Case in point:  In 2011, the Orlando Sentinel reported that a Secret Service investigation uncovered identity fraud in Central Florida that was traced to hacked computer servers at a San Diego hotel. The hackers uploaded malware which captured guests’ credit card information stored by the hotel.  They sold the data to other criminals who stored it in Azerbaijan, located on northern border of Iran.  According to the Sentinel, Secret Service agents said those middle men then turned around and sold the data to a Florida group which created counterfeit credit, debit and gift cards. In a criminal complaint, the government charged seven members of that group with using over 200 stolen American Express card numbers to charge $187,000 worth of fraudulent purchases at Target Stores in Central Florida.

Any Computer in a Hotel is Fair Game for Hackers

There are countless methods that hackers can use to obtain hotel guests’ personal information because it’s collected, transmitted and stored in so many different ways.  For example, guests should avoid accessing their accounts or personal information and conducting sensitive email correspondence on public hotel computers. There are many reported cases of hackers installing malware on them which logs users’ keystrokes and records their passwords and account numbers.

Even in the privacy of your room, using the hotel’s wireless network isn’t safe.  Remember, hotel Wifi is a public network. Everything you do on it can be seen by others. There could also be rogue networks set up by hackers nearby to trick you into revealing your personal information.  Even the hotel’s wired network doesn’t protect your online privacy.

Using hotel wireless networks has changed the way we work and play when we travel.  But that doesn’t they’re safe.  Here’s what you can do to protect yourself online when you’re on the road.


Check Out Hotel Information Security Before You Check In


Ask your hotel what security measures it has in place to protect your personal information from data breaches.  Do its use a firewall?  Does it prohibit remote access to customer data?  How long does it keep your information?

Make sure your computer’s firewall is turned on and your virus and malware protection are up to date.

∙  Use long strong passwords composed of letters, numbers and characters and change them often.  Use a different one for each account.

∙  Turn off file sharing, disable peer to peer networking and remove sensitive data from your laptop before your next trip.

∙  Check to make certain you’re logging into your hotel’s Wifi network, not a fake hotspot designed to steal your personal information.

∙  Don’t pay bills, use credit cards or conduct other financial transactions on hotel wireless networks.

∙  Turn off your wireless network when you’re not using it.

∙  Monitor your credit card statements after each trip.

∙  Don’t use a debit card to pay your hotel bill.  A cybercrook could empty your bank account before you notice.

∙  Use a virtual private network solution like PRIVATE WiFi™. VPNs protect your identity by encrypting the information traveling to and from your computer. That means it’s hidden from hackers.

Were you the victim of a hotel data breach?  If you were, we’d like to hear what happened to you.  Drop us a line and share your story.


Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

8 Responses

  1. August 20, 2012

    […] Let’s face it, hackers love hotels. And not because they want to get away and sip margaritas by the pool. The huge volume of personal information collected, transmitted, and stored by the hospitality industry has made it a prime target for cybercrime. Learn More […]

  2. September 28, 2012

    […] is why you need data security. With Private Wifi your personal information wont be available to others, when you are typing in […]

  3. October 11, 2012

    […] about the data security on the internet have caused alarm to many users most particularly to those individuals who are […]

  4. January 31, 2013

    […] that is I have no neighbors to steal my signal. Fortunately, living out here does not require the data security that would be required in a more populated area. I had my nephew set up a security system on my […]

  5. January 31, 2013

    […] Posted by wallywonks On January – 31 – 2013 When I am online I like to know I have data security and my information is safe. I use WiFi a lot when I’m traveling but sometimes wonder how […]

  6. February 20, 2013

    […] Indeed, public Wi-Fi hotspots can be a boon or bane. It gives you easy and free access to the internet in places such as airport terminals, hotel lobbies and coffee shops but it puts you in a high risk for identity theft if you don’t give much attention to your data security. […]

  7. April 2, 2013

    […] Let’s face it, hackers love hotels. And not because they want to get away and sip margaritas by the pool. The huge volume of personal information collected, transmitted, and stored by the hospitality industry has made it a prime target for cybercrime. Learn More […]

  8. May 21, 2013

    […] while on vacation, in a hotel or away from home, make sure that you are the only one who knows the data security information of your private network as connecting to hotel’s wifi and any public internet […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.