[CQ-Contest] Dayton Crown Plaza Credit Card flaw

Barry w2up at comcast.net
Fri May 26 16:44:06 EDT 2017 

Bogus charge on your card?  Call the 800 number on the card and get it 
removed.  It's not your problem.  It's the bank's problem. Credit card = 
100% protection.  Debit card, not necessarily (US law)

Much ado about nothing.

Barry W2UP

On 5/26/2017 13:54, Ria Jairam wrote:
> I believe that European credit cards have mag stripes on them, so they can
> be used overseas. US has begun to adopt chip cards but a large number of
> places use swipe despite the liability shift that occurred in 2015. There's
> also the good old fashioned knuckle buster that can read a card imprint.
>
> The best security is NFC, such as Apple Pay. You get a different account
> number from your actual card number and it is secured. It's also faster
> than an EMV chip dip.
>
> I wish more places would have it.
>
> Ria
> N2RJ
> On Fri, May 26, 2017 at 2:42 PM David Siddall <hhamwv at gmail.com> wrote:
>
>> My understanding is that IHG caused their own problem because they used
>> old-fashioned "swipe" terminals instead of modern chip terminals.  (Chip
>> information is encrypted.)
>>
>> But don't feel overly safe.  Even credit card chip technology in the U.S.
>> is less secure than elsewhere.  A lost U.S. credit card with chip can be
>> used anywhere by anyone until canceled.  A European credit card, however,
>> cannot be used without the owner's 4-digit PIN in addition to the chip
>> (same as debit cards, but not credit cards, in the U.S.).
>>
>> 73, Dave K3ZJ
>>
>>
>> On Fri, May 26, 2017 at 6:02 AM, jpescatore--- via CQ-Contest <
>> cq-contest at contesting.com> wrote:
>>
>>> Here's what happened - it happened to me and I work in Internet security:
>>>
>>>
>>> The Intercontinental Hotel Group (parent of Holiday Inn, Crowne Plaza,
>>> etc) was hacked back in February and continuing through April. Over 1,100
>>> of its hotels were impacted. If you are interested, details here:
>>> http://www.computerworld.com/article/3190175/security/1-175-
>>> hotels-listed-in-payment-card-breach-of-holiday-inn-parent-company.html
>>>
>>>
>>> I checked in to the Crowne Plaza on Friday afternoon. Later that day I
>> got
>>> a potential fraud alert from Mastercard that a "card not present" charge
>> of
>>> $377 was made to my card by something called IHG. I checked online, my
>>> charges that day for gas and for the hotel I stayed on on Thursday night
>>> were there and legit - and there was an IHG charge of $377.
>>>
>>>
>>> When I checked in, they physically swiped my card so it should *not* have
>>> shown up as card not present, and I didn't immediately connect IHG to
>>> Crowne Plaza. I called Mastercard, they connected me to the fraud folks
>> and
>>> I asked "Do you show more information about IHG?" they said no. So, I
>> said
>>> that must be a fraudulent charge and they cancelled that card and are
>>> sending me a new one.
>>>
>>>
>>> I went down to the desk to tell them I would switch the charges to
>> another
>>> card and they said "Yes, we are having a lot of that because of the
>> hack."
>>> Bells went off in my head, but too late to stop the card from being
>>> cancelled. The clerk said "let me check the list of disputed charges,
>>> because the system will shut your room card access off." I'd come down
>>> quickly enough, wasn't on that list but it was several pages long.
>>>
>>>
>>> Because of the hack and exposure, IHG apparently was centrally processing
>>> card swipes until they could validate that all impacted hotels had
>> cleaned
>>> up there local systems. So, the charge showed up as "card not present" -
>> I
>>> have no idea why it showed up when I checked in, as on business travel it
>>> usually shows up on checkout.
>>>
>>>
>>> When I was checking in, two hams sharing a room came down and said their
>>> room cards didn't work. They might have had the disputed charge thing
>>> cancel happen to them, don't know.
>>>
>>>
>>> Advice: no reason to worry about fraud to your card from your Dayton
>> stay,
>>> but if you stayed in any of the 1,100 hotels between February and April
>> and
>>> haven't been contacted, good idea to at least check your credit records
>> if
>>> not change that card number.
>>>
>>>
>>> 73 John K3TN
>>> _______________________________________________
>>> CQ-Contest mailing list
>>> CQ-Contest at contesting.com
>>> http://lists.contesting.com/mailman/listinfo/cq-contest
>>>
>> _______________________________________________
>> CQ-Contest mailing list
>> CQ-Contest at contesting.com
>> http://lists.contesting.com/mailman/listinfo/cq-contest
>>
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest at contesting.com
> http://lists.contesting.com/mailman/listinfo/cq-contest

More information about the CQ-Contest mailing list