A thief hacked into a hotel room at the Hyatt House Houston Galleria in Houston, Texas, on September 7th and stole the room occupant Janet Wolf’s laptop. Ms. Wolf, who ironically enough is an IT services consultant for Dell Computers, returned to her room to discover the missing laptop. An investigation by hotel management showed that no one but the room’s occupant had used the key card to gain access to the room during her stay, so it seemed the laptop just disappeared into thin air. The hotel was so concerned about the incident that they posted a security guard at their front entrance in an effort to keep similar incidents from ever happening again.
A few days after the incident, the hotel informed Ms. Wolf via a letter that they had discovered the room’s lock had been hacked open by someone who was unknown at the time, and that they were still investigating the incident. Matthew Allen Cook, age 27 and from Richmond, Texas, was arrested in Houston on October 31 for stealing the laptop, and was found to have pawned Ms. Wolf’s laptop within a few days of stealing it. He was also suspected in at least two other similar incidents at the same hotel that took place around the same time as this particular incident.
So how did he do it? Well, a security researcher named Cody Brocious had recently demonstrated the ease at which a hotel room lock could be hacked into, and three months later this particular incident occurred. Experts and hotel security believe that Cook used the very same method used by Brocious, which entailed using a simple $50 circuit board with attached wires to override the hotel’s key card lock system and gaining access to rooms. The locks, made by a certain company in Georgia, do give hotel management the ability to override the key card codes in cases of lost power or when they have malfunctioned, but only hotel management is given this information so it is unclear how Cook obtained this information. After his arrest, Cook was found to have allegedly stolen anywhere from $1500 to $20,000 worth of goods, and posted bond not long after.
Experts other than Brocious have reiterated that changes need to be made to hotel lock and key card systems to make them more secure and less vulnerable to attack, which has prompted these lock companies to take a look at improving the security of their products.
Fore more information:
http://www.forbes.com/sites/andygreenberg/2012/11/26/security-flaw-in-common-keycard-locks-exploited-in-string-of-hotel-room-break-ins/<!- mfunc feat_school ->