By: Philip | 12-01-2018 | News
Photo credit: J P |

500 Million Instance Marriot Data Breach Could Have Surprising Silver Lining

What is certainly unfortunate news for Marriot hotels and their guests may result in a win for privacy rights. Marriot has officially made history, in one of the worst possible ways. With 500 million instances of data theft including credit card information, passport numbers and other personal information gathered by the hotel chain this latest massive breach may dwarf that of even the enormous Equifax hack that affected 145 million people.

At the moment it is not clear whether the 500 million figure represents individuals who have had their privacy invaded by hackers courtesy of the Marriot family of hotels or if the figure includes redundancies based on single customers who stayed at one of their hotels on multiple occasions.

Chris Wysopal, chief technology officer of Veracode security company spoke about the massive info leak, ""On a scale of 1 to 10 and up, this is one of those No. 10 size breaches. There have only been a few of them of this scale and scope in the last decade."

If most of the 500 million incidents are separate individuals the hack is definitely historic in its scope. As mentioned the Equifax breach was previously one of the worst info heists to date. In 2015, Experian was compromised resulting in some 15 million Americans having their personal information stolen and likely resold on the dark web. The Target leak of 2013 exposed contact information and credit card numbers for over 41 million accounts.

Security analysts suggest that the breach likely began as early as 2014. Though credit card information was among the personal information the culprits absconded with, it is uncertain whether card information could be used. It was encrypted but the hackers also made off with components of the decryption key.

In addition to encrypted credit card information and decryption key information, the personal data breached included personal information such as email addresses, passport numbers, birth dates, reservation, arrival and departure dates and Starwood Preferred Guest account information.

CEO Arne Sorenson expressed regret in a statement: "We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests and using lessons learned to be better moving forward."

Marriot may have more than a PR disaster on their hands considering the fact that stolen data from guests from EU nations could put them in violation of new European privacy laws. An even larger worry to consider is the possibility that those responsible had primarily political rather than fiscal motivations.

Jesse Varsalone, associate professor of cybersecurity at the University of Maryland University college warned of the havoc spies could wreak with reservation information of government officials: "There are just so many things you can extrapolate from people staying at hotels. Once you know someone's arrival, departure, room preferences," that could be used to incriminate a person or for a reputation attack that "goes beyond your traditional identity theft or credit card theft."

In most of the largest data hacks of the past passport information was not included, but Hong Kong's Cathay Pacific Airways revealed in October that 9.4 million customers' information had been stolen, including passport numbers. Passport numbers are an example of how the richness of the data in this hack could make the info more valuable as more identifying information improves the chance of identity theft making the full set more valuable in deep web marketplaces.

If your credit card number is hacked, you can easily have it frozen and receive a new one in a short time. Getting a new passport number isn't as much a piece of cake. The passport number alone may not be as troubling considering in most cases the physical passport must be seen for it to be taken as valid identification.

With the broad amount of data making identity theft a possibility, those affected by the hack may be more in danger of a credit card being opened in their name and used than their existing credit card data being used.

If every cloud has a silver lining, in this case, it would likely be the heat placed on Marriot by representatives of government. The New York attorney general has already opened an investigation and co-founder of the Senate Cybersecurity Caucus, Senator from Virginia Mark Warner has spoken out about the need for measures to ensure companies are held accountable for such incidents rather than leaving the consumer victims to "shoulder the burden and harms resulting from these lapses."

To be fair, it could have been worse. The Yahoo hack resulted in 3 billion accounts being compromised in all so as far as silver linings for Marriot, cold comfort though it may be, at least Yahoo set the bar for massive leaks.


Twitter: #databreach #marriot #marriotdatabreach

Share this article
Thoughts on the above story? Comment below!
1 Comment/s
coward usa No. 91993 2018-12-01 : 18:45

Rape is nothing and coward USA would let communist rapist free, which is often banned to speak in redd*t.

US supplied bomb that killed 40 children on Yemen school bus , with smart missiles which are smart enough to recognize and kill easy-to-kill children to show US has balls when being fucked off by hard-to-kill Russians.

​Slow coward failure America likes to make the war as long as possible, already said far far more earlier and banned. Is slow coward USA doing the same thing that USA just waits a few months until China yuan is down 10% to $, then dares to tax 10% on $505 billions, and thus gets 10%-10%=0% in real trade? After all, USA has loved China communists and their ZTE for decades. My English is so bad?

​1, USA shouts that USA would put tariff on $500 billion goods made in China to change anti-freedom trade with China.

2, China devalues (downs) its currency yuan 10% to USA currency $.

3, then USA dares to really put tariff 10%, and gets nothing in real trade because 10%-10%=0%, which means that prices of goods made in China are decreased 10% by means of China government devaluing yuan 10%, and prices of goods made in China are increased 10% by meanings of USA government putting tariff 10% on all, and thus prices in trade not changed in total.

​4, ZTE is always controlled by China communists, and sells anti-freedom system to Iran and Korea, and banned by USA and then supported by USA at last.

Just the first sentence I said, if you cannot read more sentences. "Coward USA is too slow, which would make the war last long and thus make USA fail eventually."

Coward USA is too slow, which would make the war last long and make USA fail. China yuan is already down 4% to USA dollar. So the real tariff in trade would be 10%-4%*500/200=0% for the new 10% tariff on $200 billions of China goods.

Notice: $500 billions is the minimal of goods made in China exported to USA. So China yuan downing (or devaluation of China currency to America currency, now about 4% down) affects more than $500 billions goods exported to USA, but new tariffs expected only affects $200 billions goods exported to USA. So the result of the new tariffs on the whole trade of goods made in China but exported to America here is only 10%-4%*500/200=0%.

Maybe USA can keep torturing Children (news about immigrants) and infants (news about USA believing cow milk is much better than mother milk or breast milk for infants), and make China communists keep stealing $375 billions and millions of American jobs from USA every year, since all these would make America great again.

Is USA a coward failure only shouting 200 billion and shouting 500 billion with doing nothing real while China communists have been keeping beating USA?

The simplest example in life to see the unfair robbery nature of China communists…(rob money from Chinese,rob work from American)

If you transfer money from banks not in China (for example, D) to China bank,Zero fee. But if you transfer back,that's to say, if you transfer money from China bank to banks not in China (for example,D), very high fee. That's the fairness? So, we got to know why China bank would not like fair competition with other banks, and China communists did unfair competition very well. (By the way, there is a little fact : China top four communist banks are the four biggest and richest banks all over the world. )

China bank says: If you transfer money out of mainland,for example, if you transfer money to USA , the fee is 1‰, 50¥ at least for each.And there is also tele fee,150¥ each time. And there also may be other fees. ​ So, if you are a Chinese and want to buy an American goods, you transfer 500¥ to your account outside China, and China bank just simply takes off more than 200¥ from you just because you want to buy an American goods. Moreover, if you take this American goods back to China, you may face high tax by China communists as well. So, we got to know why China goods would not like fair competition with USA goods, and China communists did unfair competition very well. (By the way, there is a little fact: China communists legally steal $375 billions and millions of American jobs from USA in 2017 by anti-freedom trade.) ​And all above here lasts for decades!

Seen in "China government has legally stolen 375.23 billions from USA in a single year…"

What do you think about this article?
Comment *

Recent News

Popular Stories