Marriott data breach among largest

They say the richness of the data taken makes the hack unique, especially if the hackers end up being hostile nation-states.

Update: 2018-12-03 05:39 GMT
Marriott says that unauthorised access to data at former Starwood hotels, which Marriott acquired two years ago, has been taking place since 2014. (Photo: AP)

The Latest on a security breach inside Marriott’s worldwide hotel empire that has compromised the information of as many as 500 million guests (all times local):

4:40 p.m.

Security experts say a data breach that affected up to 500 million guests at Marriott hotels is one of the largest in the past decade in terms of size and scope. The fact that it took four years to discover is problematic, too.

They say the richness of the data taken makes the hack unique, especially if the hackers end up being hostile nation-states.

Chris Wysopal, chief technology officer of Veracode, says that with information about someone’s arrival and departure dates, “that could be used to incriminate someone” or attack someone’s reputation. He says it goes beyond the traditional credit-card theft or risk of identity theft.

Marriott says that unauthorised access to data at former Starwood hotels, which Marriott acquired two years ago, has been taking place since 2014.

11:30 a.m.

Sen. Mark Warner of Virginia is appealing to Congress to pass laws that require data minimisation following Marriott’s disclosure of a data breach.

Warner, who is vice chairman of the Senate Select Committee on Intelligence and co-founder of the Senate Cybersecurity Caucus, said Friday that Congress should ensure that companies don’t keep sensitive customer data that they no longer need.

Warner also said that new laws should make companies accountable for security costs.

11:05 a.m.

The New York Attorney General is opening an investigation into a Marriott data breach that may have affected 500 million guests.

In a tweet Friday, Attorney General Barbara Underwood said residents need to know that their personal information is safe.

Marriott says that unauthorised access to data at former Starwood hotels, which Marriott acquired two years ago, has been taking place since 2014.

The affected hotel brands include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood branded timeshare properties are also included.

None of the Marriott-branded chains is threatened.

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

Similar News