Marriott's Starwood hotels mega-hack: Half a BEEELLION guests' deets hacked over four YEARS

www.theregister.co.uk | 9/8/2018 | Staff
Omnista (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2018/11/30/shutterstock_hotel.jpg

US hotel chain Marriott has admitted that a breach of its Starwood subsidiary's guest reservation network has exposed the entire database – all 500 million guest bookings over four years, making this one of the biggest hacks of an individual org ever.

"On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database in the United States," said the firm in a statement issued this morning. "Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014."

Bookings - Customers - Name - Address - Phone

Around 327 million of those guest bookings included customers' "name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ('SPG') account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences."

For an unspecified number, encrypted card numbers and expiration dates were also included, though Marriott insisted there was AES-128 grade encryption on these details, saying: "There are two components needed to decrypt the payment card numbers, and at this point, Marriott has not been able to rule out the possibility that both were taken."

Reference - Salting

This could be read as a reference to salting and...
(Excerpt) Read more at: www.theregister.co.uk
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!