Scribd Logo
Upload

Welcome to Scribd!

  • Marriott Data Breach

    Uploaded by

    Kc Khadka
    214 views1 page
    In 2018, Marriott announced a major data breach affecting up to 500 million guests that booked reservations on Starwood properties. Hackers had accessed Starwood's reservation systems as early as 2014 but were undetected for four years. The sensitive personal and financial information compromised included passport numbers, travel details, and in some cases encrypted credit card information along with the encryption keys. While data breaches are a constant threat, companies can minimize risks and costs by keeping systems updated, practicing secure password habits, and purchasing cyber insurance.

    Original Description:

    Marriott Data Breach

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    In 2018, Marriott announced a major data breach affecting up to 500 million guests that booked reservations on Starwood properties. Hackers had accessed Starwood's reservation systems as early as 2014 but were undetected for four years. The sensitive personal and financial information compromised included passport numbers, travel details, and in some cases encrypted credit card information along with the encryption keys. While data breaches are a constant threat, companies can minimize risks and costs by keeping systems updated, practicing secure password habits, and purchasing cyber insurance.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    214 views1 page

    Marriott Data Breach

    Uploaded by

    Kc Khadka
    In 2018, Marriott announced a major data breach affecting up to 500 million guests that booked reservations on Starwood properties. Hackers had accessed Starwood's reservation systems as early as 2014 but were undetected for four years. The sensitive personal and financial information compromised included passport numbers, travel details, and in some cases encrypted credit card information along with the encryption keys. While data breaches are a constant threat, companies can minimize risks and costs by keeping systems updated, practicing secure password habits, and purchasing cyber insurance.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Marriott Data Breach

    In late 2018, Marriott hotel announced to the world that hackers have had access to one
    of its reservation systems. This story started when Marriott acquired Starwood back in 2016.
    They did not migrate the Starwood hotels to Marriott’s reservation systems but rather kept the
    reservation databases separate for nearly two years. And during that time, they were still using IT
    infrastructure that was passed on from Starwood. In September of 2018, Marriott received an
    internal security tool flagged as a suspicious database query (Kim 2018). This led to an internal
    investigation where they discovered that the hacker had copied and encrypted information and
    attempted to remove from the Starwood systems. Then, they learned that there had been
    unauthorized access to the Starwood network which extended back to 2014 (Kim 2018). This
    breach is so different because the attackers were undetected for four years. The Marriott breach
    exposed private information on “up to 500 million guests” who made a reservation at a Starwood
    property (Gressin 2018). The information that was exposed included extremely sensitive details
    like passport numbers, travel details, and in some cases, credit card information. The most
    worrying part was with credit card numbers. This is because they stored the credit card numbers
    in encrypted form but also stored the encryption keys on the same server which were also
    compromised in the breach. 
    I think that data breaches are a constant threat to all organizations because there will
    always be a skilled attacker who can compromise any number of strategies or defenses. But they
    can avoid the costly impact of a breach by putting a proactive plan in place and by adopting
    tactics that maximize retention. It is very good to keep the company operating system and
    application software up to date, practice good password security habits, and guard against
    equipment theft and phishing attacks. If the Marriot company upgraded its system and IT talent,
    then they could have detected the data breach years earlier. It’s also an excellent idea to ensure
    any business against data theft. In the Marriot case, the company had cut its losses to a mere $1
    million because of the cyber insurance which covered much of the initial costs regarding the
    breach (Isidore 2019).

    You might also like