According to a very interesting article in the New York Times, by Joe Sharkey, “Fraud experts say hackers frequently steal personal data and make multiple small charges to authenticate a card, see how vulnerable it is, and test the watchfulness of the cardholder before making bigger charges. Credit card breaches often take place for months without being discovered by the hotel, and by customers who may travel frequently and not scrutinize card activity reports.” According to a study conducted by Trustwave, “Nearly 40 percent of credit card hacking cases in 2009 involved the hotel industry, versus 19 percent involving the financial services industry and 14.2 percent the retail sector. The Trustwave study also noted that, “organizations of all sizes are implementing new technology without considering fundamental security threats.”
The Time's article cites information from security investigator Anthony C. Roman who addresses the fact that hotels are particularly attractive to credit card hackers because they can use very simple methods to steal the greatest volume of card data. “Most of the chronic security breaches in the hotel industry are the result of a failure to equip, or to properly store or transmit, this kind of data, and that starts with the point-of-sale credit card swiping systems," Roman says.
Loretta Hunnicutt
No comments:
Post a Comment