Data theft: The greatest liability concern facing hotels today

This is the final part in a series on liability in hotels. Click here for part two: Five tips to address hotel liability concerns.

Some of the greatest liability concerns hotels face today are digital in nature. Cyber attacks, and especially breaches of credit-card information, topped headlines in 2014. 

Nicholas Economidis, underwriter at specialist insurance provider the Beazley Group, said the biggest mistake hotels can make regarding guest credit theft is thinking, “This cannot happen to me.” Hackers, he said, are opportunistic and do not discriminate by segment or location. They are after credit-card information because it is the most commonly stored data from business to business, and they look for any open door to get to it.

Virtual Roundtable

Post COVID-19: The New Guest Experience

Join Hotel Management’s Elaine Simon for our latest roundtable—Post COVID-19: The New Guest Experience. The experts on the panel will share how to inspire guest confidence that hotels are safe and clean and how to win back guest business.

Harry Gorstayn, GM of the Radisson Blu Mall of America, in Bloomington, Minn., said his hotel no longer stores credit-card information. Instead, when a card is swiped at the property, he said, it is associated with a code, not a personal identification number. If a breach were to take place, hackers would only obtain codes that were meaningless to them.

Economidis said anything from hackers and electronic intrusion to malware could be the source of a breach. Even employees responding to credit-card provider requests could present an opening to data thieves. 

Once data have been compromised, security experts can easily lock the thieves out, but it is difficult to know when a system has been infiltrated. If a breach occurs, Economidis said, the incoming forensic audits can be managed to avoid paying maximum penalties.
For example, Economidis said if a company reporting a breach determines that 25,000 accounts were compromised and 100,000 may be vulnerable, auditors will treat the situation as if 125,000 accounts were lost. 

“Hotels need to work with auditors to reduce the numbers to a definite,” Economidis said. “You need to be an active participant in the process. Don’t make conservative assumptions; you can help them find better information.”

Suggested Articles

Under the new Safe + Sound standards established by Hard Rock, each hotel is required to pass a 262-point inspection.

The American Hotel & Lodging Association has announced COVID-19 Precautions for Hotels, an online course to help train teams on new guidelines.

The free program is designed to help travel workers expand their skill sets, develop professional networks and open career opportunities.