Travelers who used a hotel business center computer received badnews from the federal government – cybercriminals may have stolentheir login credentials.

Security blogger Brian Krebs reported July 14 that he had obtained a copy of a warningprivately issued by the Department of Homeland Security's NationalCybersecurity and Communications Integration Center to varioushospitality groups.

The bulletin said multiple Dallas/Fort Worth hotel businesscenter computers had been compromised by keylogging software that lets a criminal easily see a user'severy stroke, harvesting login information and passwords.

“Using a hotel computer is like sending a postcard. Everybodysees what you are writing,” said Rick Dakin, CEO of securitycompany Coalfire.

In most instances, traveling credit union executives would notbe readily able to log into sensitive, institutional computers fromsuch a public computer, experts said. But that executive, as wellas members, could log into personal email, home banking, and inmany ways leave behind a trail of credentials for criminals to seekto mine.

Dakin said in his opinion, there will be no easy way to improvesecurity at hotel business centers. The devices, in many instances,are unattended much of the day. Security oversight generally isminimal. The scenario creates a perfect context for criminals toinstall malware, he said, adding that a traveling executivepopulation is an attractive target group for criminals.

Dakin said while expects hospitality industry lawyers to step upnotifications that the devices may be insecure, thereby lesseningthe risks of successful litigation, that will do nothing to improvesecurity for users.