On Friday, Nov. 30, mega hotelier Marriott announced a massive data breach affecting as many as 500 million guests who made reservations at the company’s Starwood properties since 2014.
In one of the largest data breaches on record in which a third party gained unauthorized access to a database which contained guest information such as name, email address, mailing address, passport number, date of birth, and, for 327 million, payment card information. While the payment card information was encrypted, Marriott cannot confirm that hackers did not also access the decryption key in the four-year attack.
The attack represents a total failure on the part of Marriott to secure personal information for its guests over an extended period. The company has set up a website to answer questions for those who may have been impacted by the beach, which states “Marriott values our guests and understands the importance of protecting personal information. We have taken measures to investigate and address a data security incident involving the Starwood guest reservation database.”
The Marriott breach shows the importance of proper cyber security measures, which can help uncover and identify holes in a network that could be exploited by a cyber criminal.
Archetype SC’s SRVA – a vulnerability and risk assessment tool – can help uncover potential issues in a network that could be exploited by a hacker. With a SRVA scan, Archetype SC delivers a personalized report providing information on vulnerabilities broken down by severity, with a remediation plan to shore up any issues.