Hackers broke into Marriott International. Captured data about 500 million guests

The national cybersecurity center (NCSC) today said that they received a statement from Marriott International about hacking the database of this hotel chain. The attackers gained access to information on 500 million hotel guests around the world for the last 4 years. NCSC recommends that victims be careful when you receive calls and letters from unknown persons.

We are working with partners to better understand the data breach affecting Marriott International and how it has affected customers. Our advice can be found herehttps://t.co/dMVc3ZjQWA

— NCSC UK (@NCSC) November 30, 2018

As it turned out, the internal safety tool warned about Marriott trying to 8 Sep database access reservation guest houses in Starwood. The company turned to leading cyber security experts who discovered the unauthorized access to the Starwood, which was carried out in 2014. It is now known that an unauthorized user copied and encrypted information and has taken steps to remove it.

More information about the situation already announced Marriott International in an official statement to its clients: «the Information involves the combination of name, mailing address, phone number, email address, passport numbers, account information, Starwood Preferred Guest («SPG»), date of birth, gender, information on arrival and departure, date of booking and the communication settings. For some, the information also includes payment card numbers and expiration dates of their term, however payment card numbers are encrypted using the Advanced encryption Standard (AES-128). To decrypt requires two components, and at the moment Marriott could not exclude the possibility that both of them were taken.»

Marriott International: Hackers Accessed the Records of 500 Million Users https://t.co/ghbZan9vH7 pic.twitter.com/P2QBMFLNTS

— Joao Beringel (@BeertjesAdvies) November 30, 2018

NCSC advises individuals held the registration for Starwood in the period 2014-2018, to take care:

  • contact your Bank if you notice any unauthorized activity. Monitor your financial accounts for any suspicious transactions.
  • use two-factor authentication on their confidential accounts to have unique passwords for all their accounts.
  • be vigilant against suspicious phone calls or targeted emails.

Marriott International has opened a special call center to answer customer questions about the incident, and regularly distributes e-mails to affected guests whose email addresses are in the database, booking guest houses for Starwood.

NCSC recalls that genuine financial institutions will not ask you to answer the email with personal information or information about your account. If you contact him, use the phone number/email address, which you found yourself on their official source and not received by e-mail.

Source