[CQ-Contest] Dayton Crown Plaza Credit Card flaw

Chuck Dietz w5prchuck at gmail.com
Sat May 27 09:10:05 EDT 2017


The point was to alert people to the possibility of fraudulent charges. I
look at my charges online almost every day. Others may not be so anal. Once
the charges are discovered, your card is cancelled and a new one issued. An
annoyance at the least...

Chuck W5PR

On Fri, May 26, 2017 at 3:44 PM, Barry <w2up at comcast.net> wrote:

> Bogus charge on your card?  Call the 800 number on the card and get it
> removed.  It's not your problem.  It's the bank's problem. Credit card =
> 100% protection.  Debit card, not necessarily (US law)
>
> Much ado about nothing.
>
> Barry W2UP
>
>
> On 5/26/2017 13:54, Ria Jairam wrote:
>
>> I believe that European credit cards have mag stripes on them, so they can
>> be used overseas. US has begun to adopt chip cards but a large number of
>> places use swipe despite the liability shift that occurred in 2015.
>> There's
>> also the good old fashioned knuckle buster that can read a card imprint.
>>
>> The best security is NFC, such as Apple Pay. You get a different account
>> number from your actual card number and it is secured. It's also faster
>> than an EMV chip dip.
>>
>> I wish more places would have it.
>>
>> Ria
>> N2RJ
>> On Fri, May 26, 2017 at 2:42 PM David Siddall <hhamwv at gmail.com> wrote:
>>
>> My understanding is that IHG caused their own problem because they used
>>> old-fashioned "swipe" terminals instead of modern chip terminals.  (Chip
>>> information is encrypted.)
>>>
>>> But don't feel overly safe.  Even credit card chip technology in the U.S.
>>> is less secure than elsewhere.  A lost U.S. credit card with chip can be
>>> used anywhere by anyone until canceled.  A European credit card, however,
>>> cannot be used without the owner's 4-digit PIN in addition to the chip
>>> (same as debit cards, but not credit cards, in the U.S.).
>>>
>>> 73, Dave K3ZJ
>>>
>>>
>>> On Fri, May 26, 2017 at 6:02 AM, jpescatore--- via CQ-Contest <
>>> cq-contest at contesting.com> wrote:
>>>
>>> Here's what happened - it happened to me and I work in Internet security:
>>>>
>>>>
>>>> The Intercontinental Hotel Group (parent of Holiday Inn, Crowne Plaza,
>>>> etc) was hacked back in February and continuing through April. Over
>>>> 1,100
>>>> of its hotels were impacted. If you are interested, details here:
>>>> http://www.computerworld.com/article/3190175/security/1-175-
>>>> hotels-listed-in-payment-card-breach-of-holiday-inn-parent-company.html
>>>>
>>>>
>>>> I checked in to the Crowne Plaza on Friday afternoon. Later that day I
>>>>
>>> got
>>>
>>>> a potential fraud alert from Mastercard that a "card not present" charge
>>>>
>>> of
>>>
>>>> $377 was made to my card by something called IHG. I checked online, my
>>>> charges that day for gas and for the hotel I stayed on on Thursday night
>>>> were there and legit - and there was an IHG charge of $377.
>>>>
>>>>
>>>> When I checked in, they physically swiped my card so it should *not*
>>>> have
>>>> shown up as card not present, and I didn't immediately connect IHG to
>>>> Crowne Plaza. I called Mastercard, they connected me to the fraud folks
>>>>
>>> and
>>>
>>>> I asked "Do you show more information about IHG?" they said no. So, I
>>>>
>>> said
>>>
>>>> that must be a fraudulent charge and they cancelled that card and are
>>>> sending me a new one.
>>>>
>>>>
>>>> I went down to the desk to tell them I would switch the charges to
>>>>
>>> another
>>>
>>>> card and they said "Yes, we are having a lot of that because of the
>>>>
>>> hack."
>>>
>>>> Bells went off in my head, but too late to stop the card from being
>>>> cancelled. The clerk said "let me check the list of disputed charges,
>>>> because the system will shut your room card access off." I'd come down
>>>> quickly enough, wasn't on that list but it was several pages long.
>>>>
>>>>
>>>> Because of the hack and exposure, IHG apparently was centrally
>>>> processing
>>>> card swipes until they could validate that all impacted hotels had
>>>>
>>> cleaned
>>>
>>>> up there local systems. So, the charge showed up as "card not present" -
>>>>
>>> I
>>>
>>>> have no idea why it showed up when I checked in, as on business travel
>>>> it
>>>> usually shows up on checkout.
>>>>
>>>>
>>>> When I was checking in, two hams sharing a room came down and said their
>>>> room cards didn't work. They might have had the disputed charge thing
>>>> cancel happen to them, don't know.
>>>>
>>>>
>>>> Advice: no reason to worry about fraud to your card from your Dayton
>>>>
>>> stay,
>>>
>>>> but if you stayed in any of the 1,100 hotels between February and April
>>>>
>>> and
>>>
>>>> haven't been contacted, good idea to at least check your credit records
>>>>
>>> if
>>>
>>>> not change that card number.
>>>>
>>>>
>>>> 73 John K3TN
>>>> _______________________________________________
>>>> CQ-Contest mailing list
>>>> CQ-Contest at contesting.com
>>>> http://lists.contesting.com/mailman/listinfo/cq-contest
>>>>
>>>> _______________________________________________
>>> CQ-Contest mailing list
>>> CQ-Contest at contesting.com
>>> http://lists.contesting.com/mailman/listinfo/cq-contest
>>>
>>> _______________________________________________
>> CQ-Contest mailing list
>> CQ-Contest at contesting.com
>> http://lists.contesting.com/mailman/listinfo/cq-contest
>>
>
> _______________________________________________
> CQ-Contest mailing list
> CQ-Contest at contesting.com
> http://lists.contesting.com/mailman/listinfo/cq-contest
>


More information about the CQ-Contest mailing list