Marriott discloses massive data breach affecting up to 500 million guests

Digital Directorship
Cybersecurity: Data Security/Privacy

Marriott discloses massive data breach affecting up to 500 million guests

Source: The Washington Post
By Taylor Telford and Craig Timberg November 30, 2018

Marriott said Friday that hackers have had access to the reservation systems of many of its hotel chains for the past four years, a breach that exposed private details of up to 500 million customers while underscoring the sensitive nature of records showing where and when people travel — and with whom.

The breach of the reservation system for Marriott’s Starwood subsidiaries was one of the largest in history, after two record-setting Yahoo hacks, and was particularly troubling for the nature of the data that apparently was stolen, security experts said. That includes familiar information — such as names, addresses, credit card numbers and phone numbers — and also rarer prizes for hackers, such as passport numbers, travel locations and arrival and departure dates.

The potential value of such information on such a large percentage of the world’s travelers triggered speculation that Marriott may have been the target of nation-state hackers seeking to track the movements of diplomats, spies, military officials and business executives. Yet even if the hackers were mere criminals in search of profit, such data offered the raw material for a range of possible misdeeds, including identity theft.

“This is extraordinarily intimate data,” said Edward Hasbrouck, a San Francisco-based travel writer and consumer advocate who has long warned about the sensitivity and poor security of computerized travel records. “The travel industry has been grossly negligent compared to many industries when it comes to data privacy and security.”

An unauthorized party accessed the reservation database of Starwood properties — which includes hotel chains St. Regis, Westin, Sheraton, Aloft, Le Meridien, Four Points and W Hotels — from 2014 onward, according to a Marriott news release. It acquired Starwood in 2016 and kept the reservation databases separate from its own until recently. The reservation system of Marriott hotels themselves were not affected by the breach reported Friday.

 Related Data Breach Articles:
Jan 25, 2019:Finally, a Breakthrough in Cybersecurity Protection
Dec 03,1918Hackers breach and steal password data for 100 million users
Nov 30, 2018:Marriott discloses massive data breach affecting up to 500 million guests
May 08, 2018:Equifax breaks down just how bad last year’s data breach was
Oct 04, 2017:Every single Yahoo account was hacked – 3 billion in all

Read full article at the Washington Post …


Print Friendly, PDF & Email

Richard Spangenberg

About the Author: Richard Spangenberg, CEO and Executive Director of Digital Directorship & board member at several companies, is a senior c-suite level executive, innovative strategic marketing leader, and digital/big data/AI specialist familiar with digital transformation, cybersecurity, startups, and social media integration to existing programs.