Member Article

Marriott International hacked

It was revealed last week that Marriott International’s guest reservation database of its Starwood division has been hacked. The breach, which was discovered in September, saw hackers access the names, address, phone numbers, passport numbers and in some cases, payment card details, of up to 500m guests. Investigations made since the breach was discovered has revealed hackers have had access to the network since 2014.

“This breach has affected a staggering number of people, with the hotel chain confirming hackers have been able to access 500m guests’ information, which, worryingly, includes passport numbers and encrypted payment card numbers,” said Ross Brewer, VP and MD EMEA, LogRhythm.

“A breach like this highlights the importance of automated threat detection. When you consider the high value data companies like Marriott hold – names, addresses, payment details etc – it’s not surprising that hackers will persistently attempt to gain access. What’s surprising, and extremely concerning here, is that during investigations Marriott found that there has been unauthorised access to the Starwood network since 2014. We are constantly surprised by companies that are unable to detect anomalous network activity, but it’s not often this kind of activity has been going on for so long without being flagged,” continued Brewer.

“Companies like Marriott have a responsibility to protect the data their customers entrust them with, so it’s crucial they have tools in place that can identify unauthorised access as soon as it happens. Tools like NextGen SIEM and User and Entity Behaviour Analytics (UEBA) should now form a crucial part of an organisation’s security suite – without them, companies are always going to end up playing catch-up with the cyber criminals, which, in this case, has enabled them to roam the network undetected for four years.”

This was posted in Bdaily's Members' News section by LogRhythm .