Data theft: The greatest liability concern facing hotels today

This is the final part in a series on liability in hotels. Click here for part two: Five tips to address hotel liability concerns.

Some of the greatest liability concerns hotels face today are digital in nature. Cyber attacks, and especially breaches of credit-card information, topped headlines in 2014. 

Nicholas Economidis, underwriter at specialist insurance provider the Beazley Group, said the biggest mistake hotels can make regarding guest credit theft is thinking, “This cannot happen to me.” Hackers, he said, are opportunistic and do not discriminate by segment or location. They are after credit-card information because it is the most commonly stored data from business to business, and they look for any open door to get to it.

FREE DAILY NEWSLETTER

Like this story? Subscribe to Operations!

Hospitality professionals turn to Operations as their go-to source for breaking news on guest rooms, food & beverage, hospitality trends, management, and more. Sign up today to get news and updates delivered to your inbox daily and read on the go.

Harry Gorstayn, GM of the Radisson Blu Mall of America, in Bloomington, Minn., said his hotel no longer stores credit-card information. Instead, when a card is swiped at the property, he said, it is associated with a code, not a personal identification number. If a breach were to take place, hackers would only obtain codes that were meaningless to them.

Economidis said anything from hackers and electronic intrusion to malware could be the source of a breach. Even employees responding to credit-card provider requests could present an opening to data thieves. 

Once data have been compromised, security experts can easily lock the thieves out, but it is difficult to know when a system has been infiltrated. If a breach occurs, Economidis said, the incoming forensic audits can be managed to avoid paying maximum penalties.
For example, Economidis said if a company reporting a breach determines that 25,000 accounts were compromised and 100,000 may be vulnerable, auditors will treat the situation as if 125,000 accounts were lost. 

“Hotels need to work with auditors to reduce the numbers to a definite,” Economidis said. “You need to be an active participant in the process. Don’t make conservative assumptions; you can help them find better information.”

Suggested Articles

Following the deaths of five people in a shooting at an Airbnb rental in California, CEO Brian Chesky said the platform was “banning party houses.”

The hotels, all owned by U.S. OCG, total 499 rooms and together offer more than 93,000 square feet of meeting space.

The former president/CEO of Wyndham, Dolce and Miraval will serve as the spa, wellness and management firm and consultancy’s vice chairman.