Marriott International Data Breach
Introduction
Data theft was discovered in 2018.
The data breach affected approximately 500 million customers.
Breach targeted systems supporting Starwood Hotel Brands.
Attackers remained in the system since 2016.
2016: Marriott acquired Starwood Hotel.
This slide gives an overview of the data breach and how it happened.
The data breach was discovered in 2018, although it had been going on for four years.
Marriott International acquired Starwood Hotel in 2016.
By then, the attackers were already in the system.
The data breach initially affected a total of 500 million people, but the figure went down following investigations.
Problem
On 30th November, Marriott International announced compromised customer records.
Initial estimates indicated that 500 million customers were affected.
The number decreased to 393 million over a period of investigations.
Hackers accessed the Starwood’s customer reservation system’s database.
This slide covers the problem as a whole. The data breach was announced on 30th November 2018.
According to the initial information, data belonging to 500 million customers was affected.
As the investigations proceeded, the number went down, although it remained significant.
The system in question, whose database had been accessed, was Starwood’s customer reservation system.
Discovery
An internal security tool is credited for the discovery.
The discovery was made on 8th September 2018.
An unauthorized entity had been accessing the network over a long period.
The hacker encrypted data after copying it.
Encryption made the breach hard for authorities to detect and determine.
This slide covers how the breach of these systems was discovered.
Although the breach had gone on for four years, the major discovery was made on 8th September 2018.
Access to the system’s database had been made through the organization’s network.
Upon accessing the data, the attacker copied it, creating a new version of it.
Because the data was encrypted, it was hard to detect and determine its occurrence.
Attackers Responsible
The Chinese Ministry of State Security was accused.
It sought to gather intelligence regarding the hotel.
This is in connection with other similar attacks.
Other hacked systems: health insurance systems and security clearance files.
Tools, techniques, and procedures discovered during investigation.
There was a group of adversaries who were behind this attack.
A Chinese intelligence agency has been at the center of the controversy over the matter.
The same agency has also been connected to other attacks.
Similar attacks associated with it include attacks on health insurance systems and security clearance files.
Besides the agency’s name, the tools, techniques, and procedures of the attack were discovered.
Affected Data
Some of the victims: Only name and contact information.
Other data: contact information, passport numbers, and guest information.
Starwood’s Data: Preferred Guest numbers, Travel database data.
Financial data: Credit card numbers and their expiration dates.
Data encrypted upon the breach.
Data affected during the attack included:
Data belonging to the individual customers: their contact information, passport numbers, and guest information.
Starwood’s data was also not safe, as preferred guest numbers and travel database data were affected.
The attackers also accessed personal financial data such as credit card numbers and their expiration dates.
By the time the breach occurred, the data had already been encrypted.
Focus shifted to asking whether the attackers could access the data using a specialized key.
Aftermath
Five US states are carrying out the investigations.
The company has been fined close to £100 million.
Stricter compliance with the European Union’s General Data Protection Regulation (GDPR).
Customers were convinced to register on Web Watchers to monitor nefarious websites for data exchange.
Marriott made its communication email public to prevent phishing attacks.
What followed after the attack?
Five states in the United States were involved in the investigation process.
Marriott International was fined close to 100 million pounds sterling.
The regulatory agencies tightened the noose on compliance with the existing regulation procedures.
Finally, Marriott came up with an email to notify customers of their official communication channel.
The company also encouraged the customers to register for Web Watchers, a site that could track where their personal information was being exchanged at a fee.