UK hotels vulnerable to same Wi-Fi hack as US hotel chain

Insecure Wi-Fi systems installed at hotels across the UK could be hacked with embarrassing consequences

Insecure Wi-Fi systems installed at hotels across the UK could be hacked with embarrassing consequences, as has happened with the Thompson hotel chain in the US.

"Reports in the US suggest that a hacker has threatened to release a number of embarrassing e-mails sent and received by guests and staff at the high-end Thompson hotel chain there," said David Hobson, managing director of IT security firm GSS.

"The same thing could happen in the UK, as many hotels leave their Wi-Fi networks open - without a password - for guests to use in their rooms. This potentially leaves the systems open to hacker incursions, and could end up with guests' e-mails being plastered all over the internet."

Hobson said the use of Wi-Fi passwords in hotels is a relatively easy security procedure to implement, with reception staff giving out the passwords to guests as they check in.

By changing the passwords on a regular basis, guests can be assured their online sessions, including their e-mail interchanges, will remain private, he added.

"Many hotel guests use webmail, rather than e-mail client software, on their laptops for convenience. If a hacker gains access to an open Wi-Fi network in the hotel, they can easily eavesdrop on the webmail sessions, with potential embarrassing consequences for the guests and the hotel concerned," said Hobson.

The hacker threats against the Thompson hotel chain, which includes several five-star hotels in Manhattan, Beverly Hills and Washington, could result in lawsuits against the company, said Hobson, but the resultant publicity could put off high-spending guests from staying at the boutique hotels, with a consequent loss of revenue.

The use of personal firewalls on laptops can also prevent hackers using Wi-Fi hotspots to access them.

More on the Thompson hack >>

Wi-Fi security >>

Hotspot cost and security concerns >>

Read more on Wireless networking