FLORIDA HOTELS HACKED: IS THIS A PREMISES LIABILITY ISSUE?
Sept. 28, 2016
On August 15th, the Orlando Sentinel reported that an undisclosed number of people who had used their credit cards at hotels such as the Sheraton, Westin, Hyatt, Marriott, and others may have had their personal information stolen as a result of the payment systems for these hotels being hacked into. Specifically, investigators found malware designed to capture sensitive information present at approximately 20 properties. Hacked hotels in Florida included the Boca Raton Marriott at Boca Center, Royal Palm South Beach Miami, Intercontinental Tampa Bay, and Westin Fort Lauderdale.
As class action lawsuits related to data breaches in connection with stores like Target and Home Depot are already underway, one question that arises is: Is this just an issue of consumer protection, or is it also one of premises liability? Owners of hotels arguably have a reasonable duty to protect customers staying there from dangerous conditions; wouldn’t that include inadequate security that leads to a data breach? Identify theft can involve a significant amount of harm and injury, and always begins with personal information being stolen from someone.
Those at Risk
In this particular instance, individuals who used credit cards at point of sale terminals (such as stores and restaurants inside the hotels) between March 2015 and June 2016 were particularly vulnerable. Supposedly, hackers collect and sell this information on the internet. However, fraud prevention technology has improved over time, and as a result, many thieves have moved on from stealing credit card information to health care data, which can be more lucrative. This also leaves us wondering whether, due to this improvement in technology, a credit card breach is out of the ordinary in this day and age, and potentially due to inadequate computer security.
The Risk of Data Breach
Although consumers are typically not liable for fraudulent charges made on their credit cards, stolen personal information can be used for identity theft purposes, which can result in serious harm. In fact, earlier this year, Home Depot had to create a $13 million settlement fund to reimburse members of the class action lawsuit against them for losses that occurred as a result of the Home Depot data breach; for example, costs related to extra credit monitoring. As a result of this settlement, Home Depot also had to increase minimum data security measures for at least two years after, including ensuring that reasonable safeguards are in place to manage any risk to customers.
Ultimately, in any case, the question of liability comes to down to what is a reasonable responsibility. Any hotel or business owner is going to need to have reasonable security in place to protect its customers’ payment and identification information, and if they do not, they could be liable for damages.
Florida Premises Liability Attorney
A property or business owner or operator who opens up their property to others has a duty to make that establishment safe for customers. When they fail to take reasonable, basic steps to protect customers from harm and an injury results, they can be held liable for damages.
Clearwater personal injury attorney Mike Walker is dedicated to ensuring victims are fully compensated for their injuries. Contact the office today for a free consultation.