Marriott Hotels Security Breach: Data Of More Than 500m Customers Have Been ExposedDecember 4, 2018Cyber Security
Personal data of more than 500 million people including credit card details, passport numbers and date of birth has been hacked in a “colossal” hack of Marriott International, including the parent companies.
The company said they became aware of personal data or security breach early in September, but further investigations revealed that the unauthorised access to the database was made way back in 2014.
The data obtained by the hackers varies by the customer to customer, but it included names, mailing addresses, phone numbers, email addresses, and passport numbers. Although the credit card numbers are encrypted, we are still not sure that the encryption keys were also stolen or not.
The company said reservations at its Starwood properties, which include the Sheraton Grand Park Lane and Le Méridien Piccadilly in London and the Sheraton Grand in Edinburgh, had been affected by the incident. The first breach was identified in Starwood reservation for guests in the US on 8 September.
Arne Sorenson, the president of Marriott International, said: “We deeply regret this incident happened. We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
MARRIOTT CYBER ATTACK: DATA BREACH OF 500 MILLION GUESTS LINKED TO CHINESE SPY AGENCY
The cyber attack previously happened on Marriott Hotel chain which breached personal detail of almost 500 million guests was thought to be part of a Chinese intelligence-gathering effort that also hacked many more types of data including health and security clearance of Americans, according to the investigations.
They said that the hackers are suspected of working on the instructions of the ministry of state security, and the civilian spy agency. This discovery is made when Trump administration was planning to target China’s trade, cyber and economic policies within days.
They are thinking to charge those Chinese hackers working under the intelligence services and the army, said four government officials who spoke on the condition of non-disclosing their name. Trump administration is also planning to derestrict the reports to cancel the effect in case the hackers reveal the identity of US government officials.
The hacking of the Starwood chain, which was claimed to be happening in September was not expected to be part of this arraignments.
Marriott eyes rebranding after a massive data breach
Marriott international announced a new loyalty program in order to replace the current loyalty brands after the data breach that happened two to three years ago but revealed in Nov 2018.
They named the new program Marriott Bonvoy, and it will replace current loyalty brands: Marriott Rewards, The Ritz-Carlton Rewards, and Starwood Preferred Guest. This restructuring was considered as the second rebranding since April 2018, when Marriott integrated the Starwood Hotels and Resorts worldwide.
That specific Starwood program was the main reason which pushed the data breach reported in November 2018. Although the number of affected individuals were brought down from 500 million to 383 million unique guests, which included unencrypted 5.25 million and 20.3 encrypted passport numbers. According to the New York Times, this breach was considered to be one of the largest in history. Marriott is willing to pay for the new passports.