The hospitality industry, which comprises a range of high-revenue businesses such as hotels, restaurants, airlines, and food and beverage companies, has continued to innovate and rely on technology as a way to stay competitive and boost retention. With access to millions of consumers’ personal and financial data, however, the industry has also become an attractive target for adversaries seeking to engage in a variety of illegal activities.

Below are examples of the types of threats and challenges Flashpoint helps businesses in the hospitality industry address:


Since many companies concentrate their security resources on combating external threats, insider threats can be particularly complicated to address. Such threats occur when current or former employees, often motivated by profit or revenge, misuse their access to company networks, data, or other assets. As such, companies need to thoroughly manage user access privileges, keep permissions in check with thorough onboarding and offboarding, and continually audit authorizations provided through identity and access management systems. And given that many insider threats involve extensive planning and collaboration within illicit communities, it is also crucial for companies to maintain visibility throughout these regions of the internet.

Flashpoint provides this type of visibility. For example, analysts uncovered a rogue employee posting on a Spanish-language forum offering their services as an insider at a Mexican resort. The hotel employee claimed to handle many credit cards with high credit limits, and sought a partnership with experienced carders. Flashpoint provided advance warning of the insider threat, thereby enabling the hotel to identify and reprimand the employee and take appropriate measures to safeguard customer data.


Due to the high volume of sensitive financial information processed by point-of-sale (POS) systems, these technologies remain a high-priority target for criminals. With the advancement of POS systems, companies have continued to take reasonable precautions to uphold the integrity of transactions. However, without visibility into the chatter within illicit communities—much of which pertains to upcoming fraud schemes and emerging strains of malware—companies may be unaware of the full spectrum of threats to which they are susceptible.

For instance, it was reported that restaurants in different locations of a popular hotel chain were victims of a malware attack. The attackers infected the payment systems and stole data such as cardholder names, card numbers, expiration dates, and internal verification codes from cards that were used online and routed through the hotel’s payment-processing system. Flashpoint analysts were able to locate where the information was being sold on illicit communities and quickly alerted the hotel about the potential breach. The hotel’s security team was able to verify the legitimacy of the breach, assess the extent to which they were compromised, and take the necessary steps to mitigate any further risks.


Cybercriminal interest in stolen data is not solely limited to financial or personally identifiable information. Rewards programs incentivize customers to spend and earn points to access discounted flights, hotels, gift cards, restaurant meals, and more. These types of programs have become instrumental to industry leaders’ value propositions, but they have also attracted cybercriminals seeking to cash in on the benefits or reap the rewards themselves.

With Flashpoint’s ongoing monitoring of illicit communities, companies can stay aware of potential compromises to their rewards points programs. In one instance, Flashpoint analysts observed adversaries offering illicit travel booking services at substantially discounted prices. Such services used various types of travel rewards points that had previously been accessed and stolen via compromised user accounts, particularly those associated with rewards points credit cards. Actors then used these points to purchase hotel rooms, flights, and car rentals through various legitimate travel websites. Illicit booking services such as these compromise the integrity of the industry, which is why it’s crucial for hospitality companies to continually monitor and have insights into these communities and stay abreast of this threat.

Did this answer your question?