Senate to talk about the attack, and the transcript of his testimony provides a window into what we do know.Īs we noted, Marriott first became aware that they'd been hacked when a security tool flagged an unusual database query. ![]() Marriott CEO Arne Sorenson appeared before the U.S. Marriott has not made many of the details of the attack public, so we can't say for certain what vulnerability or mistake was the direct cause of the breach. Now aware of the severity of the breach, Marriott released a statement on November 30, 2018, outlining the basics we've described here. Many of the records include extremely sensitive information like credit card and passport numbers. By November, they had managed to decrypt that data and discovered that it included information from up to 500 million guest records, though those undoubtedly include duplicate records or multiple records pertaining to individual guests. In their investigation, Marriott found data that the attackers had encrypted and attempted (probably successfully) to remove from the Starwood systems. Marriott purchased Starwood in 2016, but nearly two years later, the former Starwood hotels hadn't been migrated to Marriott's own reservation system and were still using IT infrastructure inherited from Starwood, an important factor that we'll revisit in more detail later. ![]() This prompted an internal investigation that determined, through a forensics process that Marriott has not discussed in detail, that the Starwood network had been compromised sometime in 2014 - back when Starwood had been a separate company. On September 8, 2018, an internal security tool flagged as suspicious an attempt to access the internal guest reservation database for Marriott's Starwood brands, which include the Westin, Sheraton, St. While Marriott has not disclosed the full timeline or technical details of the assault, what we do know tells us quite a bit about the current threat landscape - and offers lessons for other enterprises on how to protect themselves. In late 2018, the Marriott hotel chain announced that one of its reservation systems had been compromised, with hundreds of millions of customer records, including credit card and passport numbers, being exfiltrated by the attackers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |