Marriott’s Starwood Data Breach Affects Up to 500 Million People

Marriott’s Starwood Data Breach Affects Up to 500 Million People

We’ve got another cyber attack being reported, this time for Marriott International and its Starwood business to the tune of up to 500 million guests. This puts it around the third worst attack in recent history. What will make this latest compromise even more noteworthy is it’s being one of the larger attacks since the European Union’s General Data Protection Regulation privacy law took effect in May. That’s a new development that Marriott and others will need to contend with, which could result not only in fines but also drive a pronounced pick up in cybersecurity spending. In thematic speak, that’s a potential tailwind for our Safety & Security investing theme.

Marriott International Inc. on Friday disclosed one of the biggest data breaches in history, a hack in the reservation database for its Starwood properties that may have exposed the personal information of up to 500 million guests.

News of the attack—rivaled only by the theft of information in 2013 and 2014 from internet company Yahoo—roiled customers of the world’s largest hotel company and lowered its stock price.

In addition to the size of the Marriott exposure, security analysts say the range of customer data potentially compromised—such as passport numbers, travel details and payment-card data—make the breach even more sensitive. Numerous regulators in the U.S. and abroad said they are monitoring the situation.

Marriott will face scrutiny from regulators, particularly in Europe where the European Union’s General Data Protection Regulation privacy law took effect in May, said Travis LeBlanc, a partner with Boies Schiller Flexner LLP. Although the Starwood breach predates GDPR, Mr. LeBlanc said because the unauthorized activity continued after the law went into effect, the incident would likely be subject to it.

Britain’s Information Commissioner’s Office, which can fine companies for failing to protect customers’ personal data, also is investigating. This year, the office fined major companies including Facebook Inc. and Uber Technologies Inc. for mishandling data.

The Marriott hack joins a list of breaches to hit the hospitality industry in recent years. Security analysts say the industry is a ripe target for criminal actors because of the wealth of financial and other information flowing through payment and reservation systems. It also is a highly fragmented business, in which large companies such as Marriott and Hilton Worldwide Holdings Inc. largely license their brands to property owners who manage the hotels.

Source: Marriott Says Starwood Data Breach Affects Up to 500 Million People – WSJ

Recently confirmed Myspace hack could be the largest yet, dwarfing @LinkedIn and @Tumblr breaches $HACK @SophosLabs @Time

Recently confirmed Myspace hack could be the largest yet, dwarfing @LinkedIn and @Tumblr breaches $HACK @SophosLabs @Time

While the myspace data breach may data back a few years, it’s size (roughly 427 million passwords!) serves as a reminder that not every breach/attack is immediately detected let alone thwarted. This serves as a harsh reminder on the ever evolving need for cyber security that fuels our Safety & Security investing theme.

Time, Inc. didn’t confirm how many user accounts were included in this data set, but a report from LeakedSource.com says that there are over 360 million accounts involved. Each record contains an email address, a password, and in some cases, a second password. As some accounts have multiple passwords, that means there are over 427 million total passwords available for sale.Despite the fact that this data breach dates back several years, the size of the data set in question makes it notable. Security researchers at Sophos say that this could be the largest data breach of all time, easily topping the whopping 117 million LinkedIn emails and passwords that recently surfaced online from a 2012 hack.

Source: Recently confirmed Myspace hack could be the largest yet | TechCrunch