Another hospitality industry data breach, despite “the latest computer security technology.”
Callaway Gardens, a resort complex located in Pine Mountain, GA, announced that its resort guests may be at risk of “sophisticated fraudulent credit card activity,” due to a recent data breach.
Callaway Gardens was notified of the breach by a credit card processing company, which had identified and notified multiple companies, including Callaway Gardens, about counterfeit purchases being reported by consumers. Barry Morgan, CFO of Callaway Gardens, stated that, “In our team’s immediate investigation, fraudulent malware was detected, contained and removed.” In a prepared statement, Callaway Gardens notes that the company employs the latest computer security technologies, but top experts in the field of computer forensics have been retained for a more thorough investigation of the breach and to recommend additional security measures as needed.
This latest incident provides further evidence that even the latest hospitality technology may not be sufficient to ensure credit card security, and that continuing education and vigilance by hotel staff is a vital part of any data protection effort. Payment card industry compliance is one means by which a hotel can bolster the protections available to guests. A strong PCI compliance program, including training for hoteliers, should be implemented to prevent incidents such as the one at Callaway Gardens.
The Venza Group has partnered with Arnall Golden Gregory (AGG) to create a series of interactive eLearning modules to address PCI compliance in the hotel industry. Management, employees and IT are taught about the requirements they must support as part of the Payment Card Industry Data Security Standards. The Venza Group also is partnering with AGG to create an interactive eLearning module to train hoteliers on general privacy and security awareness issues.