How your KOA could be liable for cyber crime

Like most American small businesses, KOA campgrounds are at risk of having their reputation or finances damaged by theft or crime facilitated by the internet. This is known as Cyber-crime. To the extent that your KOA holds the electronic information of others, your state laws may make you liable for notifying everyone in your database who could be affected.

Fortunately, most KOAs do not accept payment or reservations through their own websites, but leave that responsibility to the website. Even if is breached, in most imaginable situations, it would not be the fault or liability of the individual KOA.

However, the insidiousness and liability of Cyber-crime can affect KOA campgrounds in other ways that might not seem as obvious.

  • The campground’s Wi-Fi network, which hosts many of your guests’ browsing sessions at the same time, presents opportunities for a remote or on-site criminal. Determined criminals can easily hack into most Wi-Fi networks and gain access to either the information or the devices of your guests.
  • One way this could generate liability for you is that a guest might enter his or her credit card information over your Wi-Fi network. He or she could be ordering a part or making another site reservation and have that information stolen—over your Wi-Fi network.
  • Even if you have an appropriate user agreement for your Wi-Fi network, you still might need to go to court to vindicate your lack of responsibility for the crime.
  • If you accept on-site credit card payments, there is the possibility that your guests’ credit card information can be stolen. This typically has to happen on-site, through the malfeasance of one of your employees or work campers, or through a bug or misdirection in your credit card system.
  • If your campground has an owner who is frequently away, you will need to make management staff aware of emails that appear to be from the owner, asking for funds to be wired. Though they appear legitimate, they are the work of criminals trying to trick you into sending them money.

Here are some things you can do:

  • Stay current with notifications from your payment provider to make sure the security for your credit card machine is up-to date.
  • Make sure you work with an IT provider regularly to monitor and update the security of your WiFi network. Your guests have an expectation that criminals are not lurking on your network, and you have a responsibility to make a reasonable effort to make sure this is the case.
  • Train any employees or owners who have access to your bank account to verify any requests for funds by phone to a known number.
  • Be careful and aware anytime you collect or use someone’s credit card, payment information or social security number.
  • Consider purchasing Cyber Liability insurance, which can help defray the costs stemming from being a victim of or party to a cyber-crime.

The issues outlined in this article are just a few examples of areas where we believe the typical KOA is vulnerable to the possibility of cyber-crime. Because each campground is different, adequate cyber security, training, insurance, and protocol looks different for each park. Each Cyber insurance policy is unique. Contact us in order to learn more about the different kinds of insurance protection available. Let us help you protect your assets, your guests, and your good name.

James Dick, CPCU, AAI