No company that does business online is safe from hacking. Hotels are no exception. It doesn’t matter how sophisticated the hotel or who owns it, if you’re taking in someone’s personal information, it can be stolen. Not even Donald Trump and his hotels are immune.
The recent breach of the Trump properties didn’t appear in the news until early July, but investigators believe the theft goes all the way back to February. The credit card breach was only found after tracking a pattern of fraudulent charges back to the only common denominator – the hotels the victims stayed in.
We may never know how long or how many records were actually stolen, but with multiple properties in large cities, a few months is a long time to steal credit card numbers. That’s a lot of angry customers who are going to be asking hard questions like how the hotel could let it happen and what they will do to prevent it from happening in the future.
Don’t be fooled into thinking you’re safe because you’re small or you’re part of a franchise. Hackers don’t just seek out the big guys. Your hotel needs a cyber liability insurance policy, regardless of its size.
A good cyber liability insurance policy will help you with the fallout.
- Using your franchise’s system is not a guarantee of protection by the parent company. Check your contract with the franchise. You might be one of the few fortunate hotels protected in case of a data breach. Most franchisees aren’t so lucky. In fact, there will most likely include a line that specifically holds the parent company harmless and places the burden squarely on your shoulders.
- The Payment Card Processing company does not automatically cover you, even if the data breach originated with them. Unless you managed to include specific language to be covered under their policy in your contract, you’re on your own. Without cyber liability insurance, you’ll be responsible for all attorney costs, notification fees, and any monetary settlement. Plus, if the data breach can be traced back to your hotel property, the Payment Card Industry requires you to conduct a forensic accounting audit at your own expense. You’re looking at $25,000 plus any fines for non-compliance found in the audit.
- The notification fees alone could bankrupt you. Once you discover a data breach, you are required to notify every guest in your database. Think about how long your hotel has been in business and how many guests you’ve had over the years. Now multiply that number by $30, the approximate notification fee per guest.
Cyber liability insurance doesn’t sound too bad now, does it?
Every time you hand your credit card over, you’re placing your trust in the person and the company. The same is true with your hotel. Every single guest expects their information to be safe. In the world we live in, we all know that a data breach can happen at any point. If it happens at your hotel, your guests won’t be looking to the hackers or your Payment Card Processing company for information, they’re coming to you. Make sure you’re protected with cyber liability insurance.
Image courtesy of Flickr user Loozrboy.