3 Risks to Your Personal Data When Staying at a Hotel

Joel Lee 21-01-2016

So you’ve gone ahead and booked a vacation package deal How to Save Money on Your Next Vacation Package We all need a proper vacation now and then. If a holiday is on your horizon, you consider booking a vacation package. Here are some options. Read More , ordered cheap airline tickets 5 Rules to Finding Cheap Airline Flight Tickets Who says you can’t fly for cheap? Sometimes it comes down to whether or not you click the right links, search the right terms, or pick the right times to search the web. Read More , and ultimately had a stress-free trip Stress Free Travel: How to Prevent Mistakes and Minimize Anxiety Wouldn't it be nice if traveling could be a blissful affair? With a healthy dose of technology and a few tweaks to your traveling mindset you can banish all anxiety. Read More . Now you’re at the hotel where you’ll be staying for the next few nights. But are you safe?


Not just physically, but also digitally. With each passing year, more and more travelers are falling victim to data breaches and privacy invasions that are inconvenient at best but life-destroying at worst — all because of a few simple but costly hotel mistakes.

If you don’t want your next hotel stay to turn into an identity theft nightmare, here are some things to keep in mind.

1. Payment Details Can Be Stolen

2014 was the year of data breaches. Every few weeks, a new story would pop up about how this company or that company had their databases hacked and their data stolen 3 Online Fraud Prevention Tips You Need To Know In 2014 Read More : credit card numbers, login credentials, personal details, etc. It was an absolute mess.

Unfortunately, hotels are not immune to any of that.

During that same year, a hotel management company — the one that maintains big name brands like Hilton, Marriott, and Sheraton — fell victim to a data breach that affected at least 14 of their hotels across the country. This breach exposed the credit card and debit card details of guests who had stayed in those hotels during 2013.



More recently, in late 2015, Hyatt Hotels Corporation found malware on some of their payment-processing computers. While it isn’t yet clear if any credit card or debit card numbers were stolen, we do know that a lot of sensitive information was available on those computers and it’s possible that they were.

As a hotel guest, there isn’t much you can do about this. Each hotel is responsible for its own data security and it’s beyond your control whether or not they get breached. However, there are a few precautions you can take to minimize your risks against fraud How Credit Card Fraud Works and How to Stay Safe Credit cards and gift cards are regularly stolen. How do thieves get your card? How can you keep safe from credit card fraud? Read More .

First, always pay using credit cards because they offer more user protections than debit cards. (Just be careful to not fall into credit card debt How to Get Rich: The Fastest Way to Get Out of Debt Imagine being debt free. No overdrawn balances or unpaid bills. There is a foolproof way of getting yourself out of debt. It starts with a plan and some discipline. Let's visit the other ingredients. Read More .) Second, familiarize yourself with the warning signs of identity theft 6 Warning Signs Of Digital Identity Theft You Shouldn't Ignore Identity theft isn't too rare of an occurrence these days, yet we often fall into the trap of thinking that it'll always happen to "someone else". Don't ignore the warning signs. Read More . That way, if something does go wrong, you can rectify the issue sooner rather than later.


2. Never Trust Public Wi-Fi Networks

Hotel Wi-Fi connections are hotbeds for security issues. Many people now realize and understand that public Wi-Fi is problematic for several reasons 3 Dangers Of Logging On To Public Wi-Fi You've heard that you shouldn't open PayPal, your bank account and possibly even your email while using public WiFi. But what are the actual risks? Read More , but people tend to forget that hotel Wi-Fi is public Wi-Fi and should be treated as such.

Consider the “Dark Hotel” threat that surfaced in 2014 and affected hotels across the U.S., Germany, Ireland, and East Asia. When users connected to an infected hotel’s Wi-Fi network, they were prompted to “update” some well-known software like Adobe Flash — but in actuality, they’d end up unknowingly installing malware.


This bit of malware mainly recorded keystrokes and stole details Don't Fall Victim to Keyloggers: Use These Important Anti-Keylogger Tools In cases of online identity theft, keyloggers play one of the most important roles in the actual act of stealing. If you’ve ever had an online account stolen from you - whether it was for... Read More like login credentials and online payment information. The hotel malware itself, which remained inactive for six months after initial infection, was spread through phishing techniques What Exactly Is Phishing & What Techniques Are Scammers Using? I’ve never been a fan of fishing, myself. This is mostly because of an early expedition where my cousin managed to catch two fish while I caught zip. Similar to real-life fishing, phishing scams aren’t... Read More and exploited vulnerabilities in the Wi-Fi network setup.


And then in 2015, a vulnerability was found in InnGate network routers (which are used by many hotel Wi-Fi networks) that could distribute malware, record network data, and even hack into the hotel’s keycard system. Infected devices were found in at least 29 separate countries, most prominently in the U.S., Singapore, and the U.K.


Here’s the thing about hotel Wi-Fi networks: hackers have learned that hotel networks can be quite profitable. Rich business executives travel a lot, and when they do, they stay at hotels. Plus, hundreds — maybe even thousands — of guests could be connected to a single hotel network.

That’s a lot of data to collect and exploit. So the next time you’re in a hotel room and thinking about checking your online banking balance Is Online Banking Safe? Mostly, But Here Are 5 Risks You Should Know About There's a lot to like about online banking. It's convenient, can simplify your life, you might even get better savings rates. But is online banking as safe and secure as it should be? Read More , you may want to reconsider. It’s impossible to know who might be eavesdropping on your connection and sniffing out your sensitive data.


Fortunately, there are ways to stay safe on public Wi-Fi How To Combat WiFi Security Risks When Connecting To A Public Network As many people now know, connecting to a public, unsecured wireless network can have serious risks. It’s known that doing this can provide an opening for all manner of data theft, particularly passwords and private... Read More , though they’ll require a bit of diligence on your part. At the very least, though, you should learn all of the common misconceptions about wireless networks 10 Common Misconceptions About Wireless Networks Today, we're going to bring networking to the forefront, and discuss 10 of the most widespread misconceptions about your home Wi-Fi network.  Read More so you are never caught off guard.

3. Hotel Doors & Safes Can Be Cracked

In a hotel, your computer isn’t the only thing at risk. If the hotel provides you with a safe or lockbox in your room, don’t be so quick to dump everything in there and expect it to remain untouched.

Your chance of being robbed may be low, but it’s definitely not zero. There are videos on the Internet that demonstrate how to crack different kinds of hotel lockboxes, and once you see how trivial the process is, you’ll second guess how effective those things really are.

And because these videos are floating around on the Internet, it’s best to assume that everyone — even the hotel maid — knows how to do this. It’s too bad that a lot of hotels still haven’t replaced their easily-cracked boxes because it’d be too expensive to do so.

Of course, for someone to break into your room safe, they’d first have to break into your room itself. Unfortunately, this can also be trivially easy in some cases.

How do you feel knowing that a simple marker is all it could take to bypass a door like the one above? Obviously it doesn’t apply to all kinds of doors, but it does raise an important question: how many electronic doors have vulnerabilities like that?

Consider the case of Cody Brocious, who discovered a way to exploit Onity door locks using a $50 device that he built himself. It wasn’t a perfect hack, but even an imperfect hack is seriously distressing when it comes to hotel safety and security.

Nowhere Is Safe, Not Even Hotels

To be clear, our aim isn’t to turn you paranoid. Millions of people stay at hotels every day without any nightmare scenarios dropping on their heads. However, these risks are out there, and awareness is key in case you ever fall victim to one of these problems.

Do you have any hotel horror stories related to these security risks? How do you keep your data secure when staying at a hotel? Share with us in the comments below!

Image Credits: Credit Card by Ti_ser via Shutterstock, Man Using Tablet by Eugenio Marongiu via Shutterstock, Hotel Businessman by GaudiLab via Shutterstock

Related topics: Credit Card, Online Security, Travel.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Joseph
    January 30, 2016 at 2:57 am

    When I stay at hotels I carry my laptop & valuables with me always. Use my USB dongle for internet.

  2. Anonymous
    January 28, 2016 at 11:30 pm

    Using a VPN would seem like the minimum precaution you should make when traveling. Make sure that you sign up before you go away.

    A simple door chock/wedge provides extra security while you are in your hotel room.

  3. rk
    January 25, 2016 at 9:53 pm

    I learned from this article, all the things that can be broken into. As far as what to do about preventing such attacks, not much!! very basic common sense stuff but no great advice or tips!

  4. Eddie G.
    January 22, 2016 at 5:18 am

    I use Linux, so I know that my data isn't easy to get. Since the viruses and trojans/malware that floats around out there cannot run on a system that doesn't even use ".exe" files to begin with! I try to promote Linux to as many people as will listen, and the more you can get your brother.....your mother....your nieces or nephews just about ANYONE in your family on to the Linux platform the better off they'll be. This is not to say that you act recklessly when in a hotel room regardless of what OS you use, it just makes me feel a little "safer" is all.

    • Thunder
      January 23, 2016 at 9:02 am

      drops linux version of cryptowall
      execute it with your public key
      rip everything