What hotels need to do to protect credit card data

Towards the end of 2015, Hyatt published a press release announcing an investigation into a situation that may have affected its payment processing software. According to this statement, malware was found on the computers running these systems, prompting an investigation and leading the hotel chain to offer identity protection to its affected customers. The locations affected include restaurants and other recreational facilities, where targeted cards were used over a period of several months.

While the risk only applies to payment data, this did include the cardholder's name. Since the results of this breach are so potentially extensive, hotel managers may need to start thinking more seriously about the hazards endangering their POS systems.

In an article for Techspective, Andy Green noted the general rise in hotel data security issues. Although there has been an uptick in security issues for this industry, Green said that the methods used to breach them are relatively old and established, including phishing.

Among the various defense measures Green recommended are better employee education, strong credential or password protection and "whitelisting" software.

"PoS systems should only be running software from a well-defined set—after all, these are single-purpose computers for handling credit card transactions," Green said. "In theory, whitelisting software that prevents the OS from launching non-standard binaries is an effective antidote to this hackware." However, he did warn that some attacks can render incoming malware "practically invisible to the OS."

Contact 911 Software for more information on great card processing software. Whether you run a hotel, hospitality business or retail chain, credit card systems should be safeguarded for the most secure customer experience.

Scroll to Top