Taking a much-deserved vacation can be one of the most enjoyable occasions of the year. I just love experiencing different cities' restaurants and nightlife.
The last thing that you want to worry about while traveling is the security of your credit or debit cards. Unfortunately, a recently discovered data breach at some major U.S. hotels has put countless travelers' data at risk.
Has your banking info been compromised?
The latest data breach impacts people who stayed at either Hard Rock or Loews Hotels. The third-party reservation platform, Sabre Hospitality Solutions (SHS) SynXis, is warning customers that its system has been breached. Anyone who stayed at an affected hotel between August 10, 2016, and March 9, 2017, is at risk.
The following properties are part of the breach:
- Hard Rock Hotel & Casino Biloxi
- Hard Rock Hotel Cancun
- Hard Rock Hotel Chicago
- Hard Rock Hotel Goa
- Hard Rock Hotel & Casino Las Vegas
- Hard Rock Hotel Palm Springs
- Hard Rock Hotel Panama Megapolis
- Hard Rock Hotel & Casino Punta Cana
- Hard Rock Hotel Rivera Maya
- Hard Rock Hotel San Diego
- Hard Rock Hotel Vallarta
- Loews Hotels
If you made a reservation with any of these hotels during the impacted time frame, your financial data is at risk. An unauthorized party accessed unencrypted payment card information for hotel reservations including cardholder name, payment card number, expiration date and the cards' security code. In some cases, the guests' name, email, phone number, and address were also compromised.
SHS is still investigating the incident and has notified law enforcement. The company is sending notification letters to impacted customers as well and asks that you stay vigilant for incidents of fraud and identity theft. If you believe you're a victim of identity theft you should contact the FTC at identitytheft.gov.
What you need to do after a data breach
- Keep an eye on your bank accounts - You should already be frequently checking your bank statements, looking for suspicious activity. It's even more critical when credit card data has been exposed through a data breach. If you see anything that seems strange, report it immediately.
- Set up two-factor authentication - Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. It's like the DMV or bank asking for two forms of ID. Click here to learn how to set up two-factor authentication.
- Investigate your email address - Have I Been Pwned is an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest hacks and exposures.
- Change your password - Whenever you hear news of a data breach, it's a good idea to change your account passwords. Read this article to help you create hack-proof passwords.
- Close unused accounts - Here's an easy way to manage all of your online accounts at once.
- Beware of phishing scams - Scammers will try and piggyback on data breaches like this. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that could lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
- Manage passwords - Many people use the same username and password on multiple sites. Bad idea. If you're using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, you could always use a password manager.