Marriott Database Incident Response

Marriott Database Security Incident,

Hotel conglomerate Marriott recently announced a data security incident involving Starwood guest reservations. The findings from their initial investigation disclosed that an unauthorized party accessed the Starwood database since 2014, you can read the full announcement here.

In summary of the incident, the attackers were able to access personally identifiable information (PII) of the Starwood guests. The database was penetrated, and this information is suspected to have been exfiltrated – causing a serious security issue for every Starwood guest during the breach’s timetable. Generally, after this stage of an attack the information can be released or sold on the dark web and used to aid phishing campaigns. Phishing represents 93% of data breaches (Verizon, 2018).

To protect their clients, Marriott has established a landing page, here, to assist affected end users in protecting their identity. The lists contact information to the Marriott call center, and free WebWatcher enrollment. The Federal Trade Commission posted an alert to provide additions information on personal protection including – checking credit reports, review payment data, enroll in fraud alert, and credit freeze.

As security breaches continue to grow so should your risk management solutions. Brian Krebs, from KrebsonSecurity posted a very insightful article – stating that companies need to transform their risk management framework towards “assuming you have been compromised.”  This transition is needed to help mature the idea that cybersecurity is who companies are, not what they pay for.

GlobeNet’s Managed Security Services provides the protection that your business needs to operate in the new landscape of threats that allowed the Marriott Database Security Incident. GlobeNet is prepared to offer a complete package to protect businesses of any size from a wide variety of global threats.

Protect Your Business!

Request A Consultation

Leave a Reply

Your email address will not be published. Required fields are marked *