sb-nz logo
Story image

500 million impacted by Marriott database breach

03 Dec 2018

Today, Marriott disclosed a large-scale data breach impacting up to 500 million customers who have stayed at a Starwood-branded hotel within the last four years.

While details of the breach are still sparse, Marriott stated that there was unauthorised access to a database tied to customer reservations stretching from 2014 to September 10, 2018. For a majority of impacted customers (approximately 327 million), the breached data includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

For some of those guests, their credit card numbers and expiration dates were exposed, however, they were encrypted using the Advanced Encryption Standard (AES-128). Marriott president and chief executive officer Arne Sorenson says, “We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

A root cause of the breach is currently unknown, but Marriott indicated that the intruders encrypted the information before exfiltrating the data. 

Security expert Brian Krebs reported that Starwood reported its own breach in 2015, shortly after acquisition by Marriott.

At the time, Starwood said that their breach timeline extended back one year, to roughly November 2014.

Incomplete remediation of breaches is extremely common, and when compounded by asset management challenges introduced by mergers and acquisitions, seeing lateral movement and exfiltration after an initial hack is not unreasonable. Starwood properties impacted are as follows:

  • Westin
  • Sheraton
  • The Luxury Collection
  • Four Points by Sheraton
  • W Hotels
  • St. Regis
  • Le Méridien
  • Aloft
  • Element
  • Tribute Portfolio
  • Design Hotels 

What should you do about it?

Malwarebytes suggests that if you’re a customer:

  • Change your password for your Starwood Preferred Guest Rewards Program immediately. Random passwords generated by a password manager of your choice should be most helpful.
  • Review your banking and credit card accounts for suspicious activity.
  • Consider a credit freeze if you’re concerned your financial information was compromised.
  • Watch out for breach-related scams; cybercriminals know this is a massive, newsworthy breach so they will pounce at the chance to ensnare users through social engineering. Review emails supposedly from Marriott with caution.

If you’re a business looking for tips to prevent getting hit by a breach:

  • Invest in an endpoint protection product and data loss prevention program to make sure alerts on similar attacks get to your security staff as quickly as possible.
  • Take a look at your asset management program:
    • Do you have 100% accounting of all of your external facing assets?
    • Do you have uniform user profiles across your business for all use cases?
Story image
Frost & Sullivan: Firewalls to drive network security market
Enterprises’ heightened threats from criminal entities and state-sponsored actors are strongly encouraging them to adopt network security solutions.More
Story image
rhipe adds Octopus licensing solutions to distie portfolio
The addition of Octopus Cloud provides rhipe partners with licensing solutions and management processes to support cloud transformation initiatives.More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Acronis accelerates growth plans with CyberLynx acquisition
"Acquiring these capabilities will advance Acronis' mission to deliver world-class cyber protection to organisations around the world."More
Story image
Video: 10 Minute IT Jams - SonicWall VP on the benefits of Boundless Cybersecurity
Today's interviewee will discuss the ins and outs of the company's Boundless Cybersecurity solution and how it can help APAC organisations adjust to the new normal, as well as explaining the 'cybersecurity business gap'.More
Story image
Forrester names Thycotic a Leader in privileged access management
Thycotic received the highest possible score in 11 of the 24 criteria in the study, including SaaS/cloud, innovation roadmap, and integrations, deployment, supporting products and services, commercial model, and PIM installed base.More