The Marriott breach: Here’s what you need to know

Last week Marriott revealed it had fallen victim to a massive hack that led to the theft of data belonging to a whopping 500 million Starwood hotels customers.

The information stolen included some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

In a statement, Marriott said it “deeply regrets this incident happened”.

“From the start, we moved quickly to contain the incident and conduct a thorough investigation with the assistance of leading security experts,” the hotel giant said.

“Marriott is working hard to ensure our guests have answers to questions about their personal information with a dedicated website and call center.

“We are supporting the efforts of law enforcement and working with leading security experts to improve. Marriott is also devoting the resources necessary to phase out Starwood systems and accelerate the ongoing security enhancements to our network.”

We asked cybersecurity company Sophos what customers should do if they think they have been impacted by the hack.

According to John Shier, senior security advisor at Sophos, the potential fallout from Marriott’s Starwood data breach should be alarming to anyone who has stayed at a Starwood property in the last 4 years.

He said those affected could be at risk of opportunistic phishing attacks and targeted phishing emails, phone scams and even financial fraud.

“Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft,” Shier said.

“At this point, however, it’s unclear what level of exposure each individual victim has been subject to. Until then, all potential victims should assume the worst and take all necessary precautions to protect themselves from all manner of scams.”

Sophos recommends those who are potentially affected follow these handy tips:

  • Be on alert for spearphishing: Marriott has said that personal details associated with Starwood Preferred Guest accounts have been compromised, and personal email addresses are vulnerable. This creates the perfect scenario for cybercriminals to use targeted phishing emails against consumers because they have this type of detailed information.
  • Be on alert for opportunistic phishing: Marriott has said it will email those Starwood Preferred Guests who may be impacted. Do not click on links in emails or other communication that seem to have come from Marriott or Starwood hotels. It’s possible that criminals will try to take advantage of this by sending malicious tweets or phishing emails that look like they’ve come from the company. Hover over URLs and links to see the address before you click. Look at the email address to see where it is from.
  • Monitor your financial accounts: Reports indicate the attackers may have access to some members’ encrypted credit card information, but it’s not clear as of yet if this information can be decrypted; in general, monitor your credit card for suspicious activity. As a safety precaution, change the password to your online credit card account. If you use the same password for similar financial management websites, immediately change the password on those websites. As a best security practice, always choose a different, strong password for each sensitive account.
  • Change passwords, as a precaution: It’s not clear as of yet if the attackers have access to Starwood Preferred Guest account passwords, but as a safety precaution, consumers can change their password. If this password is also used for any financial accounts, change those immediately. Monitor your Starwood Preferred Guest account for suspicious activity.