Breaches Happen, but It Doesn’t Mean You Are Liable
Hospitality companies face significant cyber security risks. A hotel processes millions of records containing personally identifiable information (PII) and transmits and stores vast amounts of credit card and employee data. As hotels collect more and more customer information from digital marketing and loyalty programs, the amount of data is rapidly increasing. Cyber criminals want this data. While Europay, Mastercard and Visa (EMV) chips and anti-fraud programs have helped, the challenge to secure the potential entry points for hackers remains, from point-of-sale (POS) systems to mobile devices and insecure WiFi networks.
A global hotel company was forced to rapidly respond to a breach. The company’s processing bank notified them that three of their major properties were likely compromised.
The hotel company and their outside counsel came to us for help. We advised on the extent of the compromise, the scope of affected credit cards that could trigger reporting obligations, and the presence of any digital forensic evidence that might limit the liability of the hotel company. Ultimately, our team preserved over 250 servers or workstations from more than 100 hotels. Using Lima, our proprietary scanning tool, we searched for evidence of any security breaches across thousands of servers within their hotels in the U.S., Latin America, Europe, the Middle East, and Asia.
- Delivered forensic evidence that minimized legal exposure and defined the defensible limits of the breach
- Diagnosed the type, timing, and scope of the breach swiftly, months ahead of the Payment Card Industry (PCI) forensic investigator (PFI)
- Instilled confidence in our client by providing our intimate knowledge of the legal procedures arising from a breach
Looking to safeguard your organization? Find out how our cyber security solutions can help you.