Skip to content

Search

Latest Stories

Study: Cyberattacks on hotels to surge

Guest-facing systems like POS, WiFi and front desk more vulnerable

AI threats in hospitality

Around 66 percent of hotel IT and security executives expect more cyberattacks this summer and 50 percent foresee greater severity, according to VikingCloud.

Summary:

  • Around 66 percent of hotel IT and security executives expect more cyberattacks this summer, and 50 percent anticipate greater severity, according to VikingCloud.
  • Guest-facing systems most at risk include POS and payment technology at 72 percent, guest WiFi at 56 percent and front desk systems at 34 percent.
  • About 48 percent of executives lack confidence in their staff’s ability to detect and respond to AI-driven attacks and deepfakes.

APPROXIMATELY 66 PERCENT of hotel IT and security executives expect an increase in cyberattack frequency and 50 percent anticipate greater severity during the summer travel season, according to cybersecurity firm VikingCloud. In summer 2024, 82 percent of North American hotels experienced a cyberattack and 58 percent were targeted five or more times.


VikingCloud’s report, “Peak Season, Peak Risk: The 2025 State of Hospitality Cyber Report,” found that AI-powered attacks are emerging this summer, outpacing many hotels’ preparedness.

“Peak travel season is here and it’s also the busy season for cybercriminals,” said Kevin Pierce, VikingCloud’s chief product officer. “Hotels are a prime target given the surge in guest transactions, reliance on interconnected systems and volumes of sensitive data. Last summer, 44 percent of hotels experienced more than 12 hours of downtime due to an attack. The financial and reputational impact from downtime can last beyond summer, which makes identifying cyber vulnerabilities and closing preparedness gaps essential.”

Guest-facing technology is most vulnerable, including payment systems and point-of-sale technology at 72 percent, guest WiFi at 56 percent and front desk systems at 34 percent. Leading attack methods include data breaches exposing payment details, passports, loyalty accounts or other guest personally identifiable information at 46 percent, phishing at 40 percent and guest WiFi network compromise or misuse at 38 percent.

According to the report, 48 percent of hotel IT and security executives lack confidence in their staff’s ability to identify and respond to AI-driven cyberattacks and deepfakes and 22 percent said cybercriminals outpace their teams.

Although four in 10 executives say 16 to 25 percent of their IT budget is allocated to cybersecurity, hotel defenses are not keeping pace with current threats.

Most hotels use basic protections such as antivirus, anti-malware and anti-spam tools, reported by 72 percent, firewalls by 70 percent and VPNs by 66 percent. Fewer than half use advanced measures like vulnerability scanning, automated data backups, or ransomware protection. Adoption is lower for dark web monitoring at 26 percent and penetration testing at 28 percent. Thirty percent have no plans to outsource to a managed security service provider.

“Cyberattacks can disrupt hotel operations, reduce guest trust and impact revenue during peak travel periods,” said Pierce. “Going beyond basic measures is essential to staying operational in today’s threat environment.”

A joint study by FreedomPay and Toast found that data security, system integration, growth enablement and secure payment processing are key priorities for enterprise hospitality leaders. The study highlighted the need for secure payment processing, reflecting shifts in the enterprise hospitality market and a growing focus on customer transactions.

More for you

Fed interest rate July
Photo credit: Chip Somodevilla/Getty Images

Fed holds rates steady despite Trump pressure

Summary:

  • The Federal Reserve held interest rates steady and gave no signal of a September cut.
  • Developers and brokers are calling for lower borrowing costs to unlock supply and revive stalled deals.
  • The Fed’s decision followed surprise news that the U.S. economy grew 3 percent in Q2.

THE FEDERAL RESERVE held its key interest rate steady and gave no indication of a cut in September, despite growing pressure from President Trump and his Fed appointees, USA Today reported. The July 30 decision keeps the Fed’s benchmark rate at 4.25 percent to 4.5 percent for a fifth straight meeting.

Keep ReadingShow less
Peachtree Group loan
Photo credit: Peachtree Group

Peachtree backs $42M loan for AFC deal

Summary:

  • Peachtree provided a $42 million floating-rate loan to Banyan Street Capital for the acquisition and repositioning of Atlanta Financial Center in Buckhead.
  • The deal delivers capital at a reset basis, with comps pricing 98 percent higher, reflecting strong collateral and execution.
  • It recently launched a $250 million fund to invest in hotel and commercial assets mispriced from market illiquidity.

PEACHTREE GROUP PROVIDED its first mortgage loan to Banyan Street Capital for the acquisition and repositioning of the 914,774-square-foot Atlanta Financial Center in Buckhead, Georgia. Peachtree said the office sector is at an inflection point, similar to the retail segment previously.

Keep ReadingShow less
Trump’s Proposed Visa Fee Threatens Seasonal Hospitality Workforce

Report: Trump visa fee sparks summer staffing fears

Summary:

  • Trump’s proposed $250 Visa Integrity Fee faces pushback from groups relying on seasonal J-1 workers from Latin America and Asia.
  • J-1 visa holders often work as housekeepers, amusement park staff, and lifeguards from pre-season through Labor Day; more than 300,000 use the visa annually.
  • DHS and the State Department have not clarified how the fee will be implemented or who qualifies for a refund.

A $250 VISA Integrity Fee in President Donald Trump’s Big Beautiful Bill is drawing criticism from groups that rely on seasonal workers from Latin America and Asia on J-1 and other visas, Newsweek reported. The organizations warn the cost, though sometimes refundable, could reduce the summer workforce that supports U.S. beach towns and resorts.

Keep ReadingShow less
Wyndham & Grubhub Offer Free Delivery to Guests & Staff

Wyndham, Grubhub offer free delivery to guests, staff

Summary:

  • Wyndham Hotels & Resorts is partnering with Grubhub to offer free product delivery to guests and staff at nearly 6,000 U.S. hotels across 20 brands.
  • A Grubhub account is required to activate the complimentary Grubhub+ membership; no credit card is needed and the membership does not auto-renew.
  • Wyndham recently deployed Elavon’s cloud payments interface to more than 6,000 U.S. and Canadian franchisees.

WYNDHAM HOTELS & RESORTS and Grubhub, an online ordering and delivery platform, will offer item delivery to guests and staff with no delivery fees and other benefits. The service is available at nearly 6,000 U.S. hotels across 20 brands, with orders placed through the Grubhub app on-site or by scanning a hotel QR code.

Keep ReadingShow less
U.S. Hotel Construction Hits 20-Quarter Low in June

CoStar: Hotel construction drops in June

Summary:

  • U.S. hotel rooms under construction fell year over year for the sixth straight month in June, hitting a 20-quarter low, CoStar reported.
  • About 138,922 rooms were under construction, down 11.9 percent from June 2024; the luxury segment had 6,443 rooms, up 4.1 percent year over year.
  • Lodging Econometrics recently said Dallas led all U.S. markets in hotel construction pipelines at the end of the first quarter, with 203 projects and 24,496 rooms.

THE NUMBER OF U.S. hotel rooms under construction declined year over year for the sixth straight month in June, reaching a 20-quarter low, according to CoStar. Additionally, more than half of all rooms under development are in the South, mostly outside the top 25 markets.

Keep ReadingShow less