Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

Room Service, You Want Malware?

Room Service, You Want Malware?

In a recent finding, assorted large hotels owned and operated by HEI Hotel & Resorts have been victims of malware since 2015. 20 of the company’s hotels were affected, with customer financial data being exposed in a real-time, point-of-sale malware attack. Have you recently stayed at one of these hotels?

A list of the affected establishments, complete with the duration of the attacks, may be found here. It is not currently known how many customers in total were victims of the attack, as many of the victims likely used their credit cards on multiple occasions during their stays.

According to HEI, the malware likely made off with all of the data necessary to steal the card owner’s identity, including their name, account numbers, card expiration dates, and verification codes. Since containing the breach, the company has taken steps to replace their payment system and have contacted law enforcement.

However, since HEI doesn’t retain customer information (which is why the malware captured the data at points of sale) they are unable to reach potentially breached customers. Therefore, customers will need to reach out themselves. There is currently a free number posted for advice, but no credit monitoring yet available for potential victims.

This is not the only point-of-sale issue encountered recently, either. At this year’s Black Hat USA conference, a security researcher presented a device he had created for $6 that could not only duplicate hotel key cards, but also conduct a brute force attack on any door equipped with a card reader, making 48 guesses each minute.

Weston Hecker, the researcher who created the system, also enabled his hand-held device to be capable of inserting keystrokes into a point-of-sale system (like a cash register), using a magstripe reader from a considerably short range--short enough that a “lost cell phone” kept close enough to the device can read and record payment information, among other nefarious functions. This device has the ability to hack a cash register and force the drawer open, shut it down, or connect to malicious websites.

As such attacks get more intricate and widespread, hotels and merchants will need to be on their guard against threats to their IT. Fortunately, Direct Technology Group has the expertise to protect your systems. For more information, give us a call at (954) 739-4700.

Bold or Boneheaded? Apple Ditches the Headphone Ja...
Tip of the Week: 4 Ways to Maximize Your Office Sp...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 07 November 2024

Captcha Image

Blog Archive

2014
January
February
March
April
May
June
July
August
September
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

Direct Technology Group strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Direct Technology Group can do for your business.

1358 W Newport Center Dr
Deerfield Beach, Florida 33442

Call us: (954) 739-4700

News & Updates
Direct Technology Group is proud to announce the launch of our new website at www.directtechnologygroup.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...