Today, Mr. L takes everyone back to a shocking case of
information security breach, and the protagonist is the Marriott Hotel that many
of us might choose to stay in during business trips or travels. In 2014, the
Marriott Hotels Group completed its acquisition of the Starwood Hotels, we all
thought that it will be a powerful combination. However, who could have
imagined that this would be the beginning of a nightmare.
As early as 2014, hackers had at Marriott. In
June 2014, hackers infiltrated the Starwood system for the first time, quietly
stealing the payment card information of more than 40,000 customers, and this
went undetected for a staggering 14 months. Just a month later, in July 2014,
the attackers became even more rampant, infiltrating over 480 systems globally
through malicious software. Data from as many as 339 million customers was
stolen at this time, including 5.25 million unencrypted passport numbers, and
this loophole even lasted to 2018.
In September 2018, Marriott discovered a
third data breach, with 5.2 million customers' data were being leaked,
including credit records, and this loophole even lurked until 2020. Renowned
hotel brands under Starwood like Sheraton and Westin were both affected, with
the number of impacted customers running into the hundreds of millions.
Fortunately, Marriott subsequently took a
series of measures. They sent email notifications to the affected customers to
inform them of the situation promptly; set up an information query website to
let customers easily check if their data was compromised; provided credit
monitoring services to ensure the credit safety of customers; and promised to
restore the stolen customer loyalty points, while also allowing users to apply
for the deletion of their associated personal information.
This incident not only caused tremendous
reputational damage to Marriott Hotels, but also sounded an alarm for
information security throughout the entire hotel industry. While enjoying
convenient services, everybody must always pay attention to the protection of
personal information. What’s your idea on such information security incidents?
Please feel free to leave your comments and discuss in the comment section!
Original source:https://hotelteeport.com/zh/news/marriott-data-breach
