Marriott facing lawsuits after data breach impacting up to 500 million customers

What can you do if you are a customer?


This weekend Marriott disclosed a large-scale data breach impacting almost 500 million customers who stayed at a Starwood-branded hotel within the last four years. Customers in the US have now sued the global hotel chain, with one class-action lawsuit seeking $12.5 billion in damages.

ZDNet reported on Monday, "While plaintiffs in the Maryland lawsuit didn't specify the amount of damages they were seeking from Marriott, the plaintiffs in the Oregon lawsuit want $12.5 billion in costs and losses."

Marriott stated that there was unauthorized access to a database tied to customer reservations stretching from 2014 to September 10, 2018.

The breached data included some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

According to Marriott, some of the records also included encrypted payment card information, but it could not rule out the possibility that the encryption keys had also been stolen. After the data breach was revealed, Marriott's shares dropped by as much as 8.7 per cent.

Arne Sorenson, Chief Executive of Marriott International, said in a news release, "We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests and using lessons learned to be better moving forward."

David Emm, Principal Security Researcher at Kaspersky Lab, said, "While we're still only beginning to assess the true extent of the attack, ultimately, the security solutions the Starwood Hotels and Marriott Group had in place clearly weren't sufficient enough if it allowed an unauthorised third party to get into the system."

Emm added, "The data was encrypted, but the attackers potentially stole the keys too - highlighting that an extra layer of security should have been in place to prevent this from happening. This data breach is now one of the most critical data breaches in history."

The Malwarebytes Intelligence Team has advised affected customers to take the following steps:

  • Change your password for your Starwood Preferred Guest Rewards Program immediately. Random passwords generated by a password manager of your choice should be most helpful.
  • Review your banking and credit card accounts for suspicious activity.
  • Consider a credit freeze if you're concerned your financial information was compromised.
  • Watch out for breach-related scams; cybercriminals know this is a massive, newsworthy breach so they will pounce at the chance to ensnare users through social engineering. Review emails supposedly from Marriott with an eagle eye.

According to Malwarebytes, if you're a business looking for tips to avoid getting hit by a breach, you should:

  • Invest in an endpoint protection product and data loss prevention program to make sure alerts on similar attacks get to your security staff as quickly as possible.
  • Take a hard look at your asset management program: do you have 100 percent accounting of all of your external-facing assets? Do you have uniform user profiles across your business for all use cases?
  • When it comes to lateral movement after an initial breach, you can't catch what you can't see. The first step to a better security posture is to know what you have to work with.