Hacking demo at conference may have inspired hotel break-ins

Hacking demo at conference may have inspired hotel break-ins

About 400 million hotel rooms worldwide use keycard locks with "glaring security vulnerability"

The security of hotel rooms is being scrutinized following a spate of break-ins at hotels in Texas.

A 27-year-old man has been charged as a suspect for a hotel room robbery at a Hyatt-run franchise hotel in Houston, according to a report in Forbes written by Andy Greenberg and published this week.

The story links the hotel break-in to a widely publicized hacking demonstration earlier this year.

The device used to break into the room is believed to employ the same technology demonstrated by a software developer at the Black Hat hacker conference in July.

Mozilla software developer Cody Brocious, 24, found a “glaring security vulnerability” in a popular model of a keycard lock developed by electronic lock manufacturer Onity. At the Black Hat conference, Brocious demonstrated how he could program a homemade device to open the keycard lock instantaneously.

In addition to the robbery at the Houston hotel, the Forbes article says a string of break-ins may also be attributed to Brocious’ hacking technology, which has since been refined by other hackers.

The story raises questions of accountability. Is the lockmaker at fault? Should Brocious be blamed for revealing a security vulnerability at a public conference before alerting the lock's manufacturer?

The cost of correcting the security risk in the locks is formidable. According to the article, Onity has been asking hotels to help shoulder the cost of hardware replacements.

Approximately 400 million hotel rooms around the world use the model of keycard lock hacked by Brocious. 

More on CNN: The secret confessions of hotel employees 

Frances Cha is a Digital Producer at CNN Travel. 


Read more about Frances Cha