Following a sudden surge of hotel room break-ins after the discovery of a simple door lock hack, lock firm Onity is chipping in to replace affected hotel door locks. Onity is currently working with Marriott, InterContinental Hotel Group, and Hyatt hotels to replace the insecure door locks in their hotels, and are planning to cover at least some of the cost.
The vulnerability in the hotel room door locks was first discovered back in July during the Black Hat security conference. The hack involves hooking up a $50 device into the data port under the lock and using the device to hack the lock’s firmware. Back in August, Onity stated that it wouldn’t pay to replace the locks, but instead offered a free plug to block the data port.
Onity’s locks are implemented on over 4 million hotel room doors around the world, and the company has agreed to pay at least a fraction of the costs of replacing the door locks with updated and more secure options. Onity and their clients have come up with written agreements for reimbursement of the door locks.
The total cost of replacing the locks hasn’t been disclosed, although Onity charges $11 for every new circuit board it installs in the locks, and a $10 charge is assessed for every lock that Onity performs an on-site firmware upgrade on. Essentially, if all 4 million hotel door locks were replaced and updated with new firmware, the total cost would be around $84 million.