Marriott said in a statement that it “values our guests and understands the importance of protecting personal information”. On November 19, 2018, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database. Marriott recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it. After consulting with security experts Marriott learned that there had been unauthorized access to the Starwood network since 2014. On September 8, 2018, Marriott received an alert from an internal security tool that there had been an attempt to access its Starwood guest reservation database. Marriott says it “reported this incident to law enforcement and continues to support their investigation” and simply added that it had “already begun notifying regulatory authorities”. Under GDPR breaches of personal data must be reported within 72 hours. It’s not known if the breach was reported to the regulatory authorities at the time of the incident. With others such as British Airways announcing a cyber-attack just days afterwards, Marriott could come under heavy criticism. The other question is why the group has taken so long to announce the breach to customers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |