Hotel Breach Points to Need for Enterprise Security


As a recent breach on a popular hotel proves, there’s no vacation from cyberattacks.

In Houston, the aptly named Houstonian Hotel is about as good as it gets. Nestled near the city’s Memorial Park, it’s a 289-room den of style and elegance. But even the fanciest hotels in the world can’t keep out certain unwanted guests.

Cybercrime at the Houstonian
According to The Houston Chronicle, the hotel released a statement on July 8 announcing that it had been hit by a credit card attack that occurred for more than half a year, beginning in December 2013 and ending last month. The malicious incursion went unnoticed until the U.S. Secret Service got in touch with the hotel to alert it to the presence of a hacking operation. In a hotel-released published in the Chronicle, Houstonian representatives said efforts are being taken to boost enterprise security following the incident.

“We undertook immediate action to fully secure our customers’ data,” the release stated. “As of June 20, we had fully replaced and overhauled the breached systems, further restricted access to all our servers and hired a data forensics firm to help us enhance our digital security.”

But this effort at patching the system comes a bit too late. Reportedly, the information of 10,000 customers was exposed during the months-long intrusion. Meanwhile, the hotel is only just now getting around to launching a criminal probe into the incident, and this delay in a proactive response will likely not bode well with the thousands of customers who are already coming to grips with the fact that their personal data was exposed.

One victim of the breach is John West, a college professor who enjoyed a trip at the hotel with his family only to later learn that his credit card had been breached. West told the Chronicle he wishes the Houstonian had been more proactive about notifying victims. Indeed, the hotel took almost a full month between first learning about the breach and letting all those who may be affected know.

If there’s one thing a breach promises, it’s a slow recovery time, and this incident is likely to be no exception. The malicious intrusion and its fallout will surely create challenges for the business as far as bouncing back and may very well have a detrimental impact on future patronage. The takeaway from this couldn’t be clearer: Guard your enterprise the best you can to prevent something like this from ever happening at all.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.


Add to the Conversation