Blog

Background top
Ciberseguridad en hoteles
Oct 04, 2021
Ciberfraude

Cybercrime in hotels is on the rise

The use of interconnected technologies to manage operations, improve the customer experience and, ultimately, optimize day-to-day work has meant a before and after in hotels.

Of course, they facilitate coordination and control of the business, but they also create great threats and risks. More than ever, cybercriminals are on the prowl, looking for any weakness to gain access to critical business systems.

Therefore, it is necessary to increase online security in hotels. Betting on cybersecurity measures is the best prevention against exposure to all hacking and forms of intrusion to which companies are exposed today.

Cybersecurity in hotels is a necessity

Cybersecurity is one of the most important areas to take into account when managing an internet service. A single security breach on a website can cause the loss of millions of customer data.

As a hotel guest, can you imagine your personal data being stolen and sold?

Well, this is what happened to more than 339 million users of the Marriott International last year (two years after suffering another attack in which some 500 million users were compromised).

Following this crime, cybercriminals sold customers’ confidential information for an average of 10 euros each. The theft could be estimated with a value of up to 5,000 million euros of profits for the hackers.

Now more than ever, people’s private data is treasure trove for cybercriminals.

This not only poses a danger of privacy andsecurity for users, but also poses a problem for hotel groups, who face heavy fines, loss of credibility/reputation and downtime due to damage.

The 5 most important cyberattacks suffered in hotels

Malware, phishing, social engineering, etc. Cybercrime in the hotel industry is increasing at the rate of hotel databases, full of sensitive and personal information.

Some of the most notorious computer attacks on hotels have been:

  • Hyatt: In 2015, one of the most mediatic cases of cybercrime in hotels was revealed. Hyatt group point of sale computers suffered from a malware infection. In total, some 249 hotels in more than 50 different countries were affected, exposing the private information of millions of customers around the world.
  • Huazhu Hotels Group Ltd: One of the largest hotel groups in China suffered a cyber attack on its data that affected more than 130 million people. The attacker requested about 60,000 dollars to return all the information.
  • Trump Hotels: The hotel chain of former United States President Donald Trump was hacked between 2015 and 2017. Up to 14 of its hotels were victims of the cyberattack, where they seized customers’ credit cards and infected hundreds of computers and POS terminals.
  • Romantik Seehotel Jaegerwirt: The Tourists at the luxurious Austrian hotel were left unable to access their rooms due to a cyberattack with malware, which affected the electronic key systems.
  • Rosen Hotels & Resorts: Hackers spent a year and a half obtaining customer information without the hotel company being aware of it. Millions of credit cards were obtained by cybercriminals, as well as personal data.

How to mitigate the risk of cybercrime in hotels?

Protection against cybercrime is not only based on basic cybersecurity strategies such as firewalls, antivirus or backup copies.

Online security must go further and must begin with people.

In fact, attacks in the hotel sector often begin with information gathering.

Among others, it is critical to verify the identity of individuals to prevent access by users with malicious intent.

Advances in facial recognition and artificial intelligence have made cyber fraud in hotels much more complex to carry out. 

This is where biometric recognition or double authentication factor comes into play, as cybersecurity mechanisms are responsible for preventing hacking of technological systems

For example, phishing would be impossible on many occasions thanks to facial recognition, since facial features cannot be copied. On the other hand, artificial intelligence and European regulations such as the PSD2 directive on payment gateways are also very necessary to protect users from cyberfraud in hotels.