[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Security Flaw In Common Keycard Locks Exploited In String Of Hotel Room Break-Ins


By Andy Greenberg
Forbes Staff

Whoever robbed Janet Wolfâs hotel room did his work discreetly.

When Wolf returned to the Hyatt in Houstonâs Galleria district last September and found her Toshiba laptop stolen, there was no sign of a forced door or a picked lock. Suspicions about the housekeeping staff were soon ruled out, too -- Wolf says the hotel management used a device to read the memory of the keycard lock and told her that none of the maidsâ keys had been used while she was away.

With the mystery unexplained, the Hyatt tried to give its guests a sense of security by posting a guard in its lobby. But Wolf couldnât shake the notion that a thief could re-enter her room at any time. âI had dreams about it for many nights,â says Wolf, a 66-year-old Dell IT services consultant traveling in Houston for business. âIâd wake up and think I saw someone standing there at my desk.â

Two days after the break-in, a letter from hotel management confirmed the answer: The roomâs lock hadnât been picked, and hadnât been opened with any key. Instead, it had been hacked with a digital tool that effortlessly triggered its opening mechanism in seconds. The burglary, one of a string of similar thefts that hit the Hyatt in September, was a real-world case of a theoretical intrusion technique researchers had warned about months earlier -- one that may still be effective on hundreds of thousands or millions of locks protecting hotel rooms around the world.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!