At the moment this seems limited to Onity branded locks, which comes with a DC power jack underneath it which is meant for reprogramming of the lock. Unfortunately it is the same power jack that led to its security flaw. Stored within the memory of the lock is a numeric key that unlocks the door. By using an open-sourced hardware gadget that Brocious put together for $50, he is able to obtain that numeric code simply by plugging into the DC power jack and open the lock in a matter of seconds.
While between 4 to 5 million hotel room keycard locks could be potentially breached, Brocious’ efforts gave mixed results when put in a real-life situation, causing only one out of three locks to open (his test on an Onity lock ordered online was successful everytime). Regardless this does expose some glaring vulnerabilities of hotel door locks and is something that hotels should be taking a look at, especially since valuables such as passports, cash, computers, and jewelry are sometimes kept in hotel rooms. Brocious is also expected to release the schematics to the device and the source code on his blog as well.