Study: Hotels a hot spot for credit card fraud
Hospitality industry targeted more than financial service companies
By Tyler Metzger | Published: February 8, 2010
If you're a hotel hopper, akin to George Clooney in "Up in the Air," your credit card details may be in danger.
|HOSPITALITY INDUSTRY UNDER ATTACK
Hotel services are targeted the most -- even more than financial service companies -- by hackers looking to steal your payment card information, according to Trustwave's SpiderLabs. The chart below shows which services are hacked the most.
Hackers steal card data from the hospitality industry more than any other -- even more than financial service companies -- according to a study by Trustwave's SpiderLabs, an information security company.
Out of the 218 data-breach investigations from 24 countries the company studied, 38 percent of the attacks occurred on hotels. And once the attack occurred, it took an average of 156 days for the business to realize it.
The crooks knew what they were after, too: 98 percent of targeted data was payment card information. Nicholas Percoco, senior vice president of Trustwave's SpiderLabs, said that card information is constantly under fire because it's the fastest way for thieves to grab real cash.
Here's a breakdown of the industries most targeted for security breaches, as indicated in the report:
- Hospitality industry (38 percent)
- Financial service companies (19 percent)
- Retail stores (14.2 percent)
- Food and beverage (13 percent)
- Business services (5 percent)
- Technology (4 percent)
- Other (4 percent)
- Education (1.4 percent)
- Manufacturing (1.4 percent)
Half of the attacks were conducted with remote access applications, which allow hackers to take control of a computer from an off-site location. Of the breaches that used remote access, 90 percent exploited default or weak passwords to steal data. About 42 percent of the attacks used third-party connections as a means to gain access, and less than 1 percent used e-mail-based malware.
"Attackers are using old vulnerabilities to get in and out," Percoco said. "They know they aren't going to be detected [in many cases], so they are camping out and not trying to hide because no one's watching."
SpiderLabs' report did not single out which hotels have been breached.
According to a February 2009 report by Javelin Strategy and Research, 9.9 million people were victims of identity fraud in 2008, and about 8.4 million people were victims of identity theft in 2007, or one person every four seconds.
If you suspect your card data has been hacked, request a credit report from one of the three major credit bureaus -- Equifax, Experian and TransUnion -- by using the free AnnualCreditReport.com. Review the report carefully to ensure all the charges are accurate. If you find errors, file a dispute immediately with the credit bureau that reported it, then alert your creditor and have the account frozen or closed.
See related: States' weapon of choice against ID theft: Transparency, 10 ways to protect yourself from data breaches, Identity theft booms, even as thieves rely on old-fashioned methods, Personal finance predictions for 2010: ID theft, Identity theft on the Oregon Trail
- Cash advance survey 2017: Read fine print before seeking quick cash – A review of 100 credit card cash advance policies found cash advance transactions can quickly consume an available credit line with fees, high interest charges, among other undesirable terms ...
- Household debt passes pre-recession peak, NY Fed finds – U.S. household debt has surpassed its pre-recession peak for the first time, says new data from the New York Fed. Economists say milestone doesn't mean consumers are over-leveraged ...
- Poll: Credit card fraud alerts surge, false alarms still common – Consumers report a 15 percent increase in contacts from banks about credit, debit card fraud ...