Marriott Announces Data Breach Affecting 500 Million Hotel Guests
(Nov 30, 2018)
The international hotel chain “Marriott,” has confirmed in a statement that it was affected by a data breach dating back to 2014 that affects approximately 500 million individuals who stayed at its “Starwood” hotels. The company stated that it became aware of the breach on September 10, which was two days after Marriott staff observed an alert from an internal security tool. The tool notified the staff about an attempt to access “Starwood,” a Marriott subsidiary, guest reservation database in the US. Marriott stated that the “company has not yet finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property.” The database that was illicitly accessed contained information such as: arrival and departure information, combination of name, communication preferences, date of birth, email address, passport number, phone number, Starwood preferred guest information, and reservation date. Some individuals’ payment card information was also accessed, albeit the data was encrypted with AES-128.
Recommendation: Significant data breaches often result in threat actors attempting to steal information by capitalizing on fear-tactics. Individuals who are concerned about the Marriott breach can acquire additional information from the following website “https://www.sec.gov/Archives/edgar/data/1048286/000162828018014745/a2018ex99.htm”.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.