Mariott Data Breach
Mariott Data Breach | |
---|---|
Short Title | Mariott Data Breach Comrpomised the Personal Information of 500 Individuals |
Location | Global |
Date | 2014 |
Solove Harm | Insecurity, Interrogation |
Information | Identifying, Contact, Account, Location, Demographic |
Threat Actors | Mariott International Inc., Hackers from China |
Individuals | |
Affected | Guests of Mariott |
High Risk Groups | |
Tangible Harms |
In 2018 Mariott Hotels reservation system Starwood was found to be hacked. Nearly 500 million records of personal information of hotel guests were copied by an unauthorized party.
Description
The reservation system Starwood, owned and used by hotel chain Mariott, was found to be hacked. The attack started in 2014 and went unnoticed for 4 years.
Among the compromised information were: names, addresses, phone numbers, birth dates, email addresses, and encrypted credit card details of hotel customers. The travel histories and passport numbers of a smaller group of guests were also taken. It affected nearly 500 million individuals.Insecurity
Another violation that can be identified here is Interrogation, as hackers' actions can be interpreted as probing for personal information through Starwood systems.
Mariott said nearly 5 million of passport numbers that were stolen, weren’t encrypted and stored in Starwood system in plain text. It wasn’t clear, however, why some numbers were encrypted and others weren’t.
The media reported that the attack was part of a Chinese intelligence-gathering effort that is also linked to the other attacks. China has denied any knowledge of the Marriott attack.
Mariott data breach was reported to be one of the largest loss of personal data in history, second only to a 2013 breach of Yahoo that affected three billion user accounts