Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Sun, 02 Nov 2003 20:12:43 -0500
From: David Chessler <chessler@xxxxxxx>
Subject: Fwd: Hotel Keys
X-Sender: chessler@xxxxxxxxxxxxxxxx
To: farber@xxxxxxxxxxxxx
Cc: Keith Anderson <keith@xxxxxxxxxxxxxxx>, 'Declan McCullagh'
<declan@xxxxxxxx>
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
X-Spam-Status: No,
hits=4.2 required=7.5
tests=DOUBLE_CAPSWORD,CLICK_BELOW,MSG_ID_ADDED_BY_MTA_2
version=2.31
X-Spam-Level: ****
X-Spam-Filtered-At: eList eXpress <http://www.elistx.com/>
Dave:
Thanks for that article you sent yesterday. However, there appears to be
some difference of opinion. Mr. Anderson's company (the article you
forwarded yesterday) serves 3 major hotel chains, but apparently the
Passadena, CA, police department thinks there is a problem with at least
one major chain.
Date: Sun, 2 Nov 2003 06:32:22 -0800 (Pacific Standard Time)
X-Mailer: IncrediMail (2001184)
From: "Lyle Davis"
X-FID: FLAVOR00-NONE-0000-0000-000000000000
To: "David Chessler"
Subject: Hotel Keys
David . . . you posted something about this a couple of weeks ago. I
think I've since deleted it, but then I got this in my email box
today. What's the skinny?
Subject: Hotel Room Cards
Classification: UNCLASSIFIED
The following is provided for information and further dissemination, as
appropriate.
Southern California law enforcement professionals assigned to detect new
threats to personal security issues, recently discovered what type of
information is embedded in the credit card type hotel room keys used
throughout the industry.
Although room keys differ from hotel to hotel, a key obtained from one
well-known hotel chain that was being used for a regional Identity Theft
Presentation was found to contain the following the information:
a.. Customers (your) name
b.. Customers partial home address
c.. Hotel room number
d.. Check in date and check out date
e.. Customers (your) credit card number and expiration date!
When you turn them in to the front desk your personal information is
there for any employee to access by simply scanning the card in the hotel
scanner. An employee can take a hand full of cards home and using a
scanning device, access the information onto a laptop computer and go
shopping at your expense.
Simply put, hotels do not erase these cards until an employee issues the
card to the next hotel guest. It is usually kept in a drawer at the front
desk with YOUR INFORMATION ON IT.
The bottom line is, keep the cards or destroy them! NEVER leave them
behind and NEVER turn them in to the front desk when you check out of a
room. They will not charge you for the card.
Information courtesy of: Sergeant K. Jorge, Detective Sergeant, Pasadena
Police Department
Regards,
Judith
Office of the Deputy Chief of Staff (ODCS) G-2
Counterintelligence, Foreign Disclosure, and Security