Hotels have become a cyber attacker’s paradise. The latest security breach of a large hotel franchise occurred at a few Hilton Hotels (HLT) reports Washington Post. Hotels are low hanging fruit for cybercriminals as many in the hospitality industry are at the forefront of business technology, but often lag behind in the technology to keep consumer information safe.
The cybersecurity community has long touted that the hospitality industry is too vulnerable for the amount of sensitive information that they retain. The high volume of cardholder data that passes through hotels on a daily basis must be protected. There are multiple touch-points for credit cards that go from the front desk to the corporate data center. As a result, a large data footprint of sensitive consumer data is created. This reality demands that the hospitality industry be more diligent to reduce the footprint.
The security breach occurred primarily in the United States in properties like the Hampton Inn & Suites, Embassy Suites, Doubletree, and Waldorf Astoria Hotels & Resorts. The breach seems limited to credit card transactions at gift shops and restaurants. Hilton reports that hackers first accessed customer data in November 2014, and it is possible that attacks are still happening.
It is unknown exactly how many properties were hacked, or how many consumers were affected. The Hilton chain has yet to comment on the size of the breach outside of a written statement that the Hilton is actively investigating the breach claims.
This is only the latest in point-of-sale, credit card-centric hacks. Over the last few years, America has seen just how devastating large scale hacks can be to merchants and consumers. The reasons for these persistent hacks are many, but the cybersecurity community believes the U.S.’s late adoption of EMV standards left Americans vulnerable to attack.
This latest security breach of a major hotel chain is another reason why hotel merchants must invest in upgrading the security of their POS systems. To begin, merchants must have EMV enabled POS systems. Also they should have chargeback protection that will combat fraudulent charges protecting merchants and consumers. Hotels must have their payment processes monitored at every turn. The experienced payment processors at eMerchantBroker.com offer premium hotel credit card processing and security. Contact us to learn more.