Electronic lock manufacturer Onity has finally agreed to reimburse its customers—major hotel chains like Marriott, Hyatt, and InterContinental (IHG)—for some of the costs of replacing its hackable locks.
Back in July, a security researcher exposed the fact that Onity locks (in use on around 4 million hotel rooms worldwide) could be disabled in a matter of seconds using a custom-designed kit that cost about $50. The company acknowledged the flaw but did not offer much in the way of a response until November.
Last month, following the theft of a laptop from a Texas hotel room using this hardware hack, the company began instituting a temporary hardware fix by physically blocking access to the ports with epoxy, and more recently, with a plastic plug and “security screws.”