Up to 500 million travellers details may be compromised as hotel chain Marriott International have announced a security breach within their guest database. Researchers alerted the firm to a vulnerability that has granted hackers access to the hotel chain’s database systems since 2014.
Starwood Preferred Guest (SPG), the companies loyalty program, was compromised for an extended period which left customers vulnerable. The exploit exposed guest information such as names, addresses, passport numbers, and date of birth. Marriott also announced an unknown number of customers had their encrypted credit card details stolen during the attack.
If you have been a member of Marriott’s Preferred Guest Program or a customer of Marriott hotels in the past, you need to take urgent steps to ensure your data security. You can then protect your finances, prevent identity theft and defend your data from attackers looking to exploit an opportunity.
Secure Your Data
The first step is to change your Marriott password. Even more importantly, sites where that same password has been reused should be updated with new credentials too. Hackers commonly try details stolen from one site to access other popular services and websites. We encourage everyone to use a password manager to store their details safely. A good password manager enables unique, random, and strong passwords to be used with ease for every single website.
While we can’t stop hacks on systems outside of our control; we can defend our other accounts from being accessed by criminals.
With secure password management, attacks on your business services or related accounts from a single hack are made impossible.
Performing Damage Control
The damage to the Marriott International brand following news of the leak is huge. At a minimum, they have lost the trust of their customers worldwide. Asking customers to leave their personal and financial details again to pay for goods and services will be no small feat.
News of the hack made front page news worldwide, further damaging the firm’s reputation among potential future customers. As a result of a simple security attack, Marriott International will be forced into damage limitation to keep customers returning to the brand. This is why business security matters to us; when done right it is cheaper by far.
The real cost of this attack won’t be known for years to come. The firm is vulnerable to lawsuits worldwide, in some cases liable for financial losses, and required to purchase identity monitoring and security services for affected customers. Other business owners though can learn from Marriott’s costly lesson.
Stopping an Attack in its Tracks
Marriott’s security breach was recently discovered, hitting the headlines just the other week, but the firm admitted unauthorised access has been taking place since 2014. This means the firm had a security hole for four years that they were unable to detect or even fix.
For a firm of any size, this is totally unacceptable. As business owners, we shouldn’t accept security vulnerabilities that leave our records, finances, or services open to hackers. As customers, we shouldn’t accept our data being treated so carelessly. The recent Marriott hack underlines the need for businesses to maintain constant network monitoring, regular security updates and a lock down on data access.
Protect Your Business and your Customers
Any business can find their systems vulnerable to attack at some point. Whether waiting for updates, a newly released zero-day hack, or a malicious employee; responsible firms take steps to limit their liability.
As a rule, staff accounts should be locked to only the systems and data they need to access to. Similarly, customer data should only be open on an as-needed basis when a legitimate requirement exists. These steps, alongside systems and data monitoring can prevent an attack resulting in an enormous data breach. Strong security enables customers to place and maintain their trust in a brand they can keep coming back to again and again and again.
If you are located in Adelaide South Australia and your business could use a security audit to protect against a Marriott style attack in the future, contact us today on (08) 8326 4364 or su*****@dp*********.au.
