The tourism market has shown a sharp increase in cyber-crime targeting with over 3.9 billion malicious login attempts occurring last year against websites belonging to airlines, cruise lines, hotels, online travel agencies, etc.
With trusted brands, such as the Marriot, being thrust into the spotlight due to the hotel chain’s recent cybercrime attack which saw the hotel suffer the ramifications one of the worst security breaches in 2018, it begs the question ‘if the Marriot’s data security system was not secure, how does my cyber security systems measure?’
In times past, hotels and lodging establishments were more concerned about micro security issues, such as break-in’s and property theft, however, as we settle in to the digital era, where we are dependent on data for efficient booking, payments and documentation storage, it become clearer why the tourism industry is a treasure trove for cyber criminals.
The Marriot Starwood Hotel Group database hack, which resulted in a loss of personal information of approximately half a billion people, is a prime example that without Cyber Insurance policies, which cover litigation costs by those that have had their personal information stolen, tourism industry service providers are in extremely vulnerable positions for criminal cyber activities.
Marriot cyber breach enabled hackers to gain access to:
383 million guest records and 18.5 million encrypted passport numbers were breached. Details included 9.1 million encrypted payment card numbers and 385,000 valid card numbers in addition to 5.25 million unencrypted passport numbers 383 million guest records and 18.5 million encrypted passport numbers were breached. Details included 9.1 million encrypted payment card numbers and 385,000 valid card numbers in addition to 5.25 million unencrypted passport numbers (Forbes)
Our Cyber policy can protect in the following ways:
Data breach incident response – Call our hotline to a pre-approved top breach response law firm, who will initiate an investigation and coordinate the response plan on your behalf. This hugely important support will guide you through the process of dealing with this data breach, including doing the following:
- Engagement of forensic and IT security vendors to investigate the scope of the breach and provide expert response guidance.
- Identification of mandatory notification requirements.
- Assessment of voluntary notification options.
- Agreement of notification strategy / plan.
- Appointment of Call Centre / Credit Monitoring service providers.
- Public relations services.
- Mitigation of potential 3rd party liability actions
Network Security, privacy and data breach liability cover
– Our product protects our customers for costs to defend and resolve liability claims brought against you as a result of this data breach.
Regulatory Liability
– Our product covers our customers’ regulatory fine (wherever legally permissible) and associated legal costs following a data breach.
PCI Fines and assessments
– This section of our product, if you accept credit card payments, covers our customers’ contractual fines and associated legal costs following a data breach that affects payment cards.
Business Interruption
– This section of our product gives cover for our customers’ loss of income following this data breach.
Data Restoration
– This section of our product gives cover for our customers’ costs for data restoration or recompilation following this data breach.
Cyber Extortion
– This section of our product gives cover for our customer’s costs incurred following a cyber extortion threat such as this data breach.
