Security Flaw Could Let Hackers Unlock Millions of Hotel Room Doors Worldwide - 1

Security Flaw Could Let Hackers Unlock Millions of Hotel Room Doors Worldwide

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by
  • Reader’s Comments 1

Security researchers have identified a security flaw in a popular keycard-powered lock system that can be exploited to easily unlock doors in millions of hotels worldwide.

The flaw, found in RFID-based Saflock keycard lock systems, allows a hacker to clone a hotel’s master keycard to access any room on the property. These lock systems come from the Swiss keycard and lock manufacturer Dormakaba.

The Saflock system has been around for 36 years and is installed in more than 3 million hotels in 131 countries worldwide. According to the researchers Ian Carroll, Lennert Wouters, and their team, all Saflock lock systems are impacted.

First reported on Wired , the flaw was discovered in August 2022, at a private hacking event in Las Vegas. The group of researchers reported their findings to Dormakaba, who started working on the security patch. As of March 2024, only 36% of the impacted locks have been updated or replaced.

“Upgrading each hotel is an intensive process. All locks require a software update or have to be replaced,” the researchers explained. “Additionally, all keycards have to be reissued, front desk software and card encoders have to be upgraded, and 3rd party integrations (e.g. elevators, parking garages, and payment systems) may require additional upgrades.’’

Although it was discovered in 2022, the extended time needed to upgrade the locks and potential security concerns made the researchers disclose the flaw dubbed “Unsaflok”, in a public post .

Despite limited technical details, the flaw is relatively easy to exploit. All that a hacker would need is access to any keycard from the property, including expired cards.

By reverse-engineering the hotel’s property code and any room’s lock programming software, the hacker can unlock any room door and retract the deadbolt as well.

The whole process would only cost a few hundred dollars, as any Near Field Communication (NFC)-enabled Android phone or commercial card writing tool like Flipper Zero can be used to forge the keycard.

The researchers disclosed the public release of their research findings; it would be difficult for hotel guests and staff to visually identify the vulnerability in any Saflock lock.

Following the publication of the research findings, Dormakaba also released a statement confirming the flaw. They said their investigation did not reveal any instance of this flaw being exploited in the real world.

Hulu Is Now Part of Disney+ Bundle in the US - 2

Hulu Is Now Part of Disney+ Bundle in the US

  • Written by Deep Shikha Content Writer
  • Fact-Checked by

On March 27, Disney officially launched “Hulu on Disney+” in the US, integrating Hulu with its flagship Disney+ service. While Hulu retains its own app, it’s now integrated with Disney+, meaning a richer content library in one place. Even the Disney+ logo has been refreshed to feature Hulu’s distinctive green hue.

Chris Lawson, the Executive Vice President of Content Operations, revealed that Disney transferred over 100,000 pieces of content from Hulu to Disney Plus . This massive move involved a mix of Disney-owned and partner content, each with various formats and unique metadata.

Also, 16-year-old Hulu operates on an entirely different technology than 4-year-old Disney+, so this integration needed a big software update. Disney+ had to re-encode all Hulu video files to work on its platform.

According to Variety , the service doesn’t have all Hulu titles due to licensing limits. For the same reasons, ABC’s hit sitcom Modern Family and ITV reality dating show Love Island will still be unavailable on Disney+.

Live TV channels from Hulu + Live TV won’t be on Disney+ for now. However, Disney+ has the capability to stream live channels, and ESPN networks will be added in Latin America this summer, says Aaron LaBerge, the president and CTO of Disney Entertainment and ESPN.

This effort is part of Disney’s larger strategy to make its streaming services work more seamlessly together, improving everything from personalization to content recommendations. During the beta, Hulu hits such as The Bear, Shōgun , and Only Murders in the Building caught the attention of Disney+ viewers. With increased discoverability and integration on the homepage, even more people are expected to watch these shows.