The news is breaking that hotel chain Marriott has been pwned by hackers. Specifically what has been pwned is the Starwood reservation database which they got when the bought a bunch of hotels in India and Germany a couple of years ago. Now this is a hack that affects me personally as I’ve stayed in Marriott properties over the last two years which makes me one of the 500 million people who have been affected. What’s really scary about this is that hackers have had access since 2014 but the hotel chain only figured that out last week.
All together now: Whiskey Tango Foxtrot?
Here are more specifics:
For 327 million people, Marriott says the guests’ exposed information includes their names, phone numbers, email addresses, passport numbers, date of birth and arrival and departure information. For millions others, their credit card numbers and card expiration dates were potentially compromised.
Marriott warns that it can’t confirm if the hackers were able to decrypt the credit card numbers.
A website has been set up and affected guests will be contacted. But this is really bad and those affected by this like yours truly should take action ASAP to protect themselves.
UPDATE: One of those affected by this hack was well known hacker Kevin Mitnick who said this:
It's disappointing the Marriott/ @spg didn't detect the intruders as they were supposedly in their network for years. This should be a wake up call that orgs need to up their monitoring capabilities asap, or accept the risk of being the next front page news.
— Kevin Mitnick (@kevinmitnick) November 30, 2018
He’s right. Companies need to seriously step up their game in order to stop stuff like this from happening. Marriott needs to slapped silly by the relevant authorities in order to send a message that this isn’t acceptable.