Wallerlaw.com
Disclaimer
Starwood data breach serves as wakeup call to Tennessee bars, hotels and restaurants
Back

Category: data breach, hacking, cybersecurity

Starwood data breach serves as wakeup call to Tennessee bars, hotels and restaurants

11.30.18

We suspect that thousands of Tennessee restaurants, hotels, bars and other hospitality businesses gather personal information from their customers for marketing purposes.  

It’s just a birthdate, address, anniversary, spouse’s name – good stuff to know, right?

That’s all fine and dandy until some hacker steals the information.  Marriott’s disclosure that 500 million Starwood Hotel guests’ personal data was stolen should be a wakeup call. 

We’ve had Beastie Boys’ classic Paul Revere stuck in our head all morning:

The kid said, “Get ready ‘cause this ain’t funny

My name’s Mike D and I’m about to get money”

Pulled out the jammy, aimed it at the sky

He yelled, “Stick ‘em up!” and let two fly

Hands went up and people hit the floor

He wasted two kids that ran for the door


Don’t expect Mike D to come knocking on the door at your restaurant demanding you to turn over personal information squirreled away in a computer somewhere in the back office.  Modern Mike D is coming through the internet.  He’s gonna hack your computer while you are sleeping off that last martini.

Don’t delay.  Call or email your IT person now and review your security procedures to ensure that employee data, as well as customer data, is protected.  Although your system may not be sophisticated enough to withstand cyberattacks from the likes of Mike D in Ukraine, anything you do is better than nothing.

Here are a few simple tips from Waller’s IT team:

  • Physically lock the office where the computer is located when it is not in use
  • Use a password to log in
  • Use complex passwords and change them regularly
  • Create very simple software that requires password changes, which annoy the heck out of us but work
  • Encrypt your hard drive with BitLocker or other encryption software, so that if the computer or drive is stolen, the data is not easily read
  • Password protect important files, particularly those that contain personal data such as social security numbers and dates of birth

One of the easiest things to do is minimize the amount of personal information you amass.  Although an owner needs employee data, do you really need personal data on your customers?

Heed the warning and be on the lookout for Mike D.



Subscribe Now!

Recommended Content

Victim of a cyberattack? Here's what the SEC says you should do
10 ways you can protect your company from a cyberattack
Top of Page