Cybercriminals don’t discriminate when it comes to picking their targets. So long as they see the potential for profit, they will attack relentlessly until they are able to achieve their goal. That being said, there are some industries they favor more than others.
Here’s the thing: in recent years, data breaches have become increasingly common in the hotel and restaurant industry. Millions of dollars have been lost, and countless information has been compromised already. As the attacks continue to ramp up, the world’s biggest firms in the industry will need to strengthen their defenses. Most importantly, they need to be better aware of the consequences that data breaches leave behind.
With that in mind, here are some of the biggest data breaches in the hotel and restaurant industry.
Applebee’s
Last year, Applebee’s franchise RMH Franchise Holdings announced that the restaurant chain’s website had been hit by a security breach that affected approximately 167 branches across the US, including in Kansas, Missouri, Kentucky, Texas, Wyoming, and more. In a press release, the company noted that the incident affected certain payment cards that had been used at RMH-owned branches.
The details that were stolen included names, card numbers, and expiration dates, all of which are essential for stealing the victims’ money.
Marriott Starwood Hotels
Marriott Starwood Hotels is one of the top brands in the hospitality industry. In spite of that, it had serious security flaws, which were exposed in a major data breach which happened last year. The successful attack compromised the data of about 327 million victims, affecting names, addresses, bank card numbers, contact details, and more.
The company’s shares took a dive once word got out. Although Marriott was quick to act, the damage had already been done. Aside from leaving countless data exposed, Marriott also suffered from a tainted reputation which still burdens it to this day.
Earl Enterprise
Earl Enterprise is a giant company which holds the rights to various restaurant chains, including Planet Hollywood, Buca di Beppo, and Earl of Sandwich. From May 2018 to March 2019, the company was the target of cybercriminals, and its POS terminals were infected with malware that compromised the data of millions of customers.
After the attack was confirmed, Earl Enterprise advised its clients to check their bank statements for any suspicious activity, as the stolen data included credit card numbers.
Hyatt Hotels
Hyatt Hotels has been the target of cyber attacks on numerous occasions already. The first case was in 2015, but the bigger damage was done during a data breach in 2017. According to the company, the incident lasted for more than three months, from March 18 to July 2. What’s more, it affected 41 of its properties across 11 countries.
Now: The stolen data came from payment cards and included names, card numbers, and CVCs. Since it was the second time a major breach had happened, Hyatt Hotels went under public scrutiny, which affected its stocks and overall reputation worldwide.
This is just the tip of the iceberg. There are many other noteworthy attacks on the hotel and restaurant industry. Why shouldn’t attackers try to help themselves from companies in this industry, anyway?
Here is what makes the hospitality industry an attractive target:
- Companies in the hotel and restaurant industry hold the information of millions of customers that go through them daily. This is a treasure trove of data for attackers.
- Most of the companies have a global clientele, meaning cybercriminals will have access to data from far off places.
- Major companies have countless branches spread across other countries. Once attackers are able to access the database of a certain branch, they could potentially breach others and get even more data.
- Human error is also common in the industry. Not every employee behind a hotel or restaurant counter is vigilant and cautious about the potential dangers of data breaches.
Bottom line:
The attacks on the hotel and hospitality industry will not cease. Companies in the field will need to up their security if they wish to avoid suffering from the devastating consequences of a data breach. Moreover, they need to keep in mind that the privacy and security of their customers are more valuable than anything else.
