The travel industry has been always of great interest to cybercriminals. No wonder — the cause of that is fairly large volumes of personal and payment data processed by businesses, including those belonging to VIP visitors. Intruders aim at both individual hotels and hotel chains that operate with data of tens of thousands of people. More details you can find in our overview of the largest leaks in this industry in the first half of 2017.
In January 2017, a hotel employee was arrested on the island of Santorini. Using his official position and privileges, the man stole the entire client base containing personal data and payment information of 1500 people. The stolen information allowed the violator to commit over 40 illegal transactions worth more than 8000 Euros. Moreover, during the search in the house of the wrongdoer, the police found and seized about 900 files with personal data of Greek and other foreign citizens which contained credit card information among the other things.
In February, InterContinental Hotels Group warned its customers and confirmed data breach. Attackers managed to inject the malicious software that collected information about payment cards into payment terminal systems in 12 restaurants and bars of hotel chains. The breach lasted about four months. One can only guess how many clients of InterContinental Hotels could have been affected for such long period of time.
Roberts Hawaii also suffered from malware. An investigation found a surreptitious code had been installed on the company's web server that copied personal information during checkout. The company reported that orders placed between July 2015 and December 2016, may have been affected.
In March, dozens of registration forms containing personal information were stolen from the fashionable Seasons Hotel in Sydney, along with scans of passports, driver's licenses and other forms of personal identification. Fortunately, the police managed to prevent the crime by seizing the bags of documents before hundreds of innocent hotel guests could fall victim to global organized crime.
In May, Saber Hospitality Solutions, a member of the Saber Holdings campaign group, reported unauthorized access to the SynXis reservation system, a SaaS application currently used in more than 32,000 hotels worldwide. The unauthorized access has been shut off momentarily; however, the consequences of this breach could count thousands of victims.
Experts note that travelers who use hotels’ open Wi-Fi networks to make payment transactions are at a greater risk. Unprotected network channels may be easily abused by criminals to steal billing information.