Atlantis Resort (Bahamas) 50,000, Hacker
Customers of the Atlantis resort in the Bahamas have reason to worry this week, as over 50,000 identities have been taken from the hotel’s database. The information was revealed in a document submitted to the Bahamas Securities and Exchange Commission.
The information includes typical information such as names, addresses and credit card details, but also more damaging details such as social security numbers, drivers license numbers and bank account data. The hotel management is writing notices to affected customers to inform them of the issue, and offering a no-cost credit monitoring service for one year, according to a Yahoo news article.
There’s a few interesting things about this. The first, and largest, is the internationalization of California’s law. There’s a new standard, around the world, about disclosing breaches. The second is that SecurityFocus is stealing our thunder doing great research. My final comment/question is why does a resort hotel has drives licenses and SSNs from Americans?
Via Resort loses 50,000 identities at SecurityFocus.
The big hotels in the Bahamas cater almost exlusively to American tourists. They are primarily gambling-based, and Atlantis is one such. They are definately likely to follow American norms by choice as they develop as they are highly sensitive to their customers’ expectations.
There are probably two reasons why the resort hotels collect those data. One is they have to prove that the person is a foreigner/non resident, so a driver’s licence would do that. Locals aren’t allowed in the Casinos (although that might have changed in the last couple of years, it was certainly a controversial issue).
Secondly, money laundering. Your friendly American regulators want all casinos to track each and everyone nominally on a ticket of stopping money laundering. Hence the SSN. Just another way station in the journey to making your identity the most valuable asset you have…