Leading Meeting Professionals

Professional Convention Management Association

August 30 2016

Hotel Industry Struggles To Fight Hackers

David McMillin


In the era of digital data, hotels have become big targets for online criminals. In 2015, Hilton revealed a large hack at restaurants and gift shops. A few months later, Starwood said that 54 of its properties fell victim to a similar scheme. At the end of the year, Hyatt added its name to the list of hacked hotel brands.

In 2016, the song remains the same in the hotel industry. When guests go home, they aren’t just taking memories of their travel experiences; some of them are taking the baggage of knowing they need to review their bank statements for potential fraud due to compromised hotel systems. Earlier this month, HEI Hotels & Resorts announced that a range of properties it manages were hit by malware attacks. From The Westin Washington, D.C. City Center to the Intercontinental Tampa Bay to the San Diego Marriott La Jolla, the cyber attack affected properties that sit under the umbrella of some of the most trusted names in hospitality.

As hackers get more sophisticated in their efforts to unlock credit card numbers and other private information, cyber crime will likely continue to be one of the biggest challenges facing the hospitality industry. “These [hackers] aren’t kids in a basement anymore,” Michael Blake, CEO of Hotel Technology Next Generation, said in a recent interview with NBC News. “This is truly organized crime. They’re very well-capitalized, they have motivation and some of their targets are pretty easy.”

MORE: The Hotel Industry Has A Big Cyber Security Problem

How Hacking Impacts The Convention Industry

When attendees check into host hotels, they’ll encounter the same cyber risks as any other guests. However, one could argue that the risks are even greater for conventioneers. While average hotel guests may have their credit card data stored in the hotel’s registration database, attendee data can pass through a number of potentially compromised systems.

Consider the scenario that the American College of Emergency Physicians faced earlier this year. One of the telemarketing companies that the organization uses to collect membership renewal dues was hacked. Bobby Heard, MBA, CAE, Associate Executive Director, Membership & Education, ACEP, reflected on the rise in hacking and online theft at the PCMA Education Conference in June. “We’re going to see more and more of this type of situation,” he told his convention industry peers in St. Louis.

So what can you do to better protect your attendees’ data? Your organization can take plenty of internal steps to use the most advanced encryption and adhere to best practices for fighting cyber crime, but you also must make sure that each of your vendors is taking cyber crime seriously. Regardless of all your efforts to safeguard sensitive information, your organization may still fall victim to an attack. With that in mind, follow Heard’s lead and look into insurance to cover legal costs in the event of a worst-case cyber scenario. Click here to learn more.

Please log in to post comments.