As December arrived this year, it became clear that attackers had stepped up their game, with two major sites breached within a few weeks of each other. Quora, the online Q&A site, had information on more than 100 million users stolen, while the Marriott group data breach affected over 500 million guests.
The biggest difference between the two breaches is that in Quora's case the stolen information is purely personal and contains no payment data. The data stolen from Marriott, on the other hand, included payment card information.
Where Did Marriott Go Wrong?
On the 8th of September this year, a security tool alerted Marriott to an intrusion into its guest reservation databases in the United States. An internal review then revealed, alarmingly, that unauthorized access to the network had been occurring since 2014.
Although the group did not reveal how many times the guest database was accessed over those four years, it admitted that the stolen information included payment card numbers, which were encrypted with AES-128.
Unfortunately, Marriott has not been able to determine whether the attackers also stole the components needed to decrypt the payment card information. The group says it is working with law enforcement and has reported the incident to regulatory authorities.
What's next for Marriott?
According to cybersecurity firm Kaspersky Lab, the incident is notable on several levels: the reputation of the Marriott group, the volume of data stolen and, most importantly, the exposure of payment card information. Although that data was encrypted, the attackers may well have stolen the keys as well.
“This data breach is now one of the most critical data breaches in history. Not only is the amount of the information stolen terrifying, but the personal details that were exposed are essentially a database of very personal resumes of millions of people, in some cases accompanied by their credit card details,” said David Emm, Principal Security Researcher, Kaspersky Lab.
According to Emm, the nature of the stolen information opens the door to multiple threats, from spear-phishing to cyber espionage. Although the company was still assessing the true extent of the attack, it is already apparent that the security measures in place were insufficient.
“We also warn consumers to remain vigilant, as these types of breaches present scammers with an opportunity to use the opportunity to try and scam people by pretending to be from the Ex-Starwood hotels chain or Marriott Group. Our advice to people is to definitely change your passwords and use electronic cards, not physical ones, for online payments,” he added.