Marriott security breach: Were you affected?

What to do if you were one of the hundreds of millions of hotel customers hit by the attack



Last week it was revealed that hackers stole information from as many as 500 million Marriott hotel guests over the last four years.

The hackers were able to obtain credit card details, passport numbers, dates of birth and other information in what has been described as one of the biggest security breaches in history.

“Such information getting into the hands of fraudsters could have severe consequences, especially in respect of identity or bank fraud,” said Cathryn Culverhouse, solicitor at law firm DMH Stallard, adding that the company could receive a fine of up to 4 per cent of annual revenues from the UK’s Information Commissioner’s Office alone.

If you have stayed at a Marriott or Starwood hotel in the last four years then you may have been affected.


Marriott has said it is contacting impacted customers without delay.

The following commentary from John Shier, senior security advisor at Sophos, sets out ways in which you can stay safe following the breach and make sure it doesn’t affect you.

Be on alert for spear phishing: “Marriott has said that personal details associated with the Starwood Preferred Guests accounts have been compromised, and personal email addresses are vulnerable. This creates the perfect scenario for cybercriminals to actually spearphish consumers because they have this type of detailed information.”

Be on alert for opportunistic phishing: “Marriott has said it will email those Starwood Preferred Guests who may be impacted. Do not click on links in emails or other communication that seem to have come from Marriott or Starwood hotels. It’s possible that criminals will try to take advantage of this by sending malicious tweets or phishing emails that look like they’ve come from the company. Hover over URLs and links to see the address before you click. Look at the email address to see where it is from.

“This may sound like an obvious point, but these fake emails can look surprisingly similar. The real email is ‘email-marriott.com’ whereas a fake email reads ‘email-marriot.com’. These look incredibly similar but are in fact completely different ends of the spectrum.”

Monitor your financial accounts: “Reports indicate the attackers may have access to some members’ encrypted credit card information, but it’s not clear as of yet if this information can be decrypted; in general, monitor your credit card for suspicious activity. As a safety precaution, change the password to your online credit card account. If you use the same password for similar financial management websites, immediately change the password on those websites. As a best security practice, always choose a different, strong password for each sensitive account.”

Change passwords, as a precaution: “It’s not clear as of yet if the attackers have access to Starwood Preferred Guest account passwords, but as a safety precaution, consumers can change their password. If this password is also used for any financial accounts, change those immediately. Monitor your Starwood Preferred Guest account for suspicious activity.”

Don’t Google ‘Web Watcher’: “Marriott is offering victims in the USA, UK and Canada a free, one-year subscription to something it calls WebWatcher, which it describes as a service that monitors ‘internet sites where personal information is shared.’ Don’t Google it. If you Google ‘WebWatcher’ you won’t find the monitoring service, you’ll find lots of links to spyware of the same name. Don’t sign up for that. Do follow the links to country-specific versions of the official breach site. You cannot sign up for monitoring from the main breach page, you have to go to the all-but-identical versions of the page for the US, UK or Canada.”

Nick Wyatt, head of tourism at data and analytics firm GlobalData, has given his views on how to turn this disaster into a positive.

In its report, GlobalData said Marriott cannot afford for anything like this to happen again so will have to heavily invest in cybersecurity.

GlobalData forecasts that by 2021, the global cybersecurity products market will grow to $140bn from $114bn in 2017.

In particular, other hotel companies are expected to take note of Marriott’s breach and improve their own cyber defence capabilities.

“In the more immediate term, Marriott must show that it is employing post-breach consultants to help take all actions possible to protect critical digital assets. Such firms will also look to identify the characteristics of the hackers in a bid to pre-empt further attacks. If Marriott can demonstrate that it is using such services, its claims of reducing future data security risks will have far more credibility”, said Wyatt.

“Marriott has a chance to repair the reputational damage inflicted by shaping the future for the better and being seen as the catalyst for improved industry standard systems would be a great fillip. It must seize this opportunity to turn a great negative into a positive”.

If any customers have a potential claim against Marriott for any losses regarding the security breach, they may be eligible for compensation, according to Culverhouse.

If you have any questions or want more information on the security breach, you can visit the website set up by Marriott: https://answers.kroll.com/