5 On Your Side

Hotels, motels may be vulnerable to hackers

Posted June 25, 2014

— As many prepare to use debit and credit cards on their summer vacations, their financial information may be vulnerable to hackers.

"The major credit card companies require businesses to have standard data protections if they want to accept credit and debit cards. It's called being PCI compliant,” said Margot Gilman, a Consumer Reports financial expert. “But we found that a number of hotels may not be."

When questioning hotel and motel managers across the country, Consumer Reports found many of them “had not heard” or had “no idea” about PCI compliance.

Security failures at Wyndham Worldwide led to more than $10 million in unauthorized charges, according to a Federal Trade Commission complaint. Consumer Reports found that chain leaders and independent owners and operators pointed fingers at each other regarding who is responsible for PCI compliance.

Those wanting to know if their hotel or motel is compliant should just ask, Gilman said.

"Call any hotel or motel you are considering and ask if they are PCI compliant," she said.

Consumer Reports said it's worth checking Privacy Atlas, a website that tracks security standards at 39,000 hotels in the United States.

If travelers have any doubts regarding the data security of their hotel, Consumer Reports says use a credit card, which have much better fraud protections than a debit card.

1 Comment

This story is closed for comments.

Oldest First
View all
  • Todd Jenkins Jun 27, 2014
    user avatar

    Millions of dollars have been spent on PCI compliance by small and large business and are we any safer today for credit cards. NO!!! Just a bunch of PCI compliance companies have been the real winners. Bunch of hogwash that ended up costing the consumers.