Identity theft

Today’s Wall Street Journal reports on the loss of credit card data of nearly 250,000 hotels.com customers by its auditor, Ernst & Young. For over a year, an urban legend about hotel key cards containing credit card data (and even social security numbers!) has swirled prompting even the AH&LA to issue a statement last year to debunk the myth. While the efforts have been largely successful, questions persist with even some lawmakers expressing concern that key cards compromise their privacy.

The Journal report, however, highlights the need for even greater oversight on the part of hotels with regard to parting with and storing of confidential client data. Why Hotels.com needed to give credit card data on their customers to their auditors is somewhat of a mystery. That auditors, who supposedly epitomize proper observance of safeguards in business should treat such information carelessly is less than acceptable. Coming after a series of lapses such as the Choicepoint (the world’s largest commercial data broker) episode from early last year, hotels should ensure that all software related to storing customer data that is retained is automatically encrypted – most companies already do that. The key is to ensure that no outside agency gains access to it unless it is the subject of a subpoena.

Published by

Vijay Dandapani

Co-founder and president of a New York based hotel company for 24 years. Grew the firm to five hotels in Manhattan and also developed a greenfield project at MacArthur airport, New York. Speaker at numerous prestigious forums including Economy Hotels World Asia, Lodging Conference, NYU, Columbia University Real Estate Roundtable, Baruch College's Zicklin School and ALIS. President and ceo of New York City Hotel Association since January 2017.

Leave a Reply

Your email address will not be published. Required fields are marked *