A huge data breach has seen the Marriott hotel chain at the forefront of the latest cyber hacking scandal. An unauthorised party managed to gain access to private records, which has seen 500 million customer records become compromised.
According to reports, a hacker had access to the Starwood division of the hotel chain since 2014. Reports have suggested that a variety of personal information had been compromised including name, address, phone number, emails, passport and other details. According to an investigation, this information was not stolen in every case, however over 327 million guests had some combination of these details taken.
The UK's Information Commissioner's Office has given a statement, claiming that "we have received a data breach report from Marriott involving its Starwood Hotels and will be making enquiries. If anyone has concerns about how their data has been handled they can report these concerns to us."
The Marriott Group have set up a website to help support victims, and have spoken out on the breach which has affected so many of their customers. They released data that confirmed that:
“On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. Marriott quickly engaged leading security experts to help determine what occurred. Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014.”
Of course, the Marriott will be liable to pay for any wrong doing on their behalf or negligence which could cost them millions. However, as with any case of a cyber security attack, customer trust in a business is compromised due to loss of trust. Anyone who has used the Starwood branch of Marriott will undoubtedly be panicking upon hearing the news that their data is at risk. Cyber security attacks affect reputation and causes consumer panic.
The hotel chain is also at risk of being told they haven’t handled it correctly by the ICO and other international regulators. According to the financial times, the new GDPR regulations meant that the hotel is required to inform regulators within 72 hours of finding the breach or face fines of up to 4% of global revenue. For a business like Marriott this isn’t petty change - according to 2017 statistics, 4% of the companies global revenue would be around £916,000,000 or nine hundred sixteen million pounds.
The importance of Cyber Security
Cyber attacks such as these just go to show the importance of having effective cyber security plans in place in the event of such an attack. It also reinforces the demand that’s out there for qualified cyber security professionals. Whenever a hack like this happens, it alerts other businesses to their own security measures and ensures that people are aware of the dangers.
If you’re thinking of helping address attacks like these and are interested in a career in cyber security, then get in touch to speak about how to become a certified cyber security professional.