Knogin Blog

The Breacher Report: Marriott-Starwood 500 Million Records Exposed. What you need to know.

December 10, 2018 10:40:00 AM EST / by Joe Mangano posted in Cyber News, The Breacher Report


In this edition of Knogin's "Breacher Report" we focus on the recent Marriott-Starwood data breach that has been the talk of the cyberworld.


Here is a brief look at the timeline of events.
* On November 30, 2018, Marriott announced the Starwood reservations database security incident.

* On November 19, 2018, Marriott's investigation determined that there was unauthorized access to guest information on the Starwood reservations system on or before September 10, 2018.

* On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database in the United States.

* Upon investigation, it was determined by leading security experts that there had been unauthorised access to the Starwood network since 2014. While that may seem like a long time, it is not uncommon for major breaches to go undetected for many years.

What records were affected?

Marriott believes the incident involves records of approximately 500 million guests who made a reservation at a Starwood property. For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender and, in some cases, payment card data such as numbers and expiration dates.

What actions has Marriott taken as a result?
* Created a dedicated website and call center to respond to customer questions (info.starwoodhotels.com).
* Sent emails to affected guests.
* Is providing guests with a free one-year enrollment in Webwatcher, an internet monitoring service that alerts consumers if evidence of their personal information is found.

This event was serious enough that the Federal Trade Commission (FTC) has released an alert on the breach of the Marriott International Starwood guest reservation database, giving affected users recommended precautions against identity theft.

What is Knogin's take on all of this?
This is another incident that reminds me of the saying, "let's close and lock the stable door after the horse has bolted". Bottom line: it's too late! The damage has been done.

In the spirit of overusing old sayings, this is a lesson for all companies that an "ounce of prevention is worth a pound of cure".

The root cause of the Starwood data breach is currently unknown and no doubt additional details will emerge in the weeks and months ahead. One thing is certain: A breach of this size is hardly ever the result of a single flaw. Rather it's the result of a threat actor that somehow got into the network and then was able to move around laterally without being detected.

Providing enterprise-class levels of security for your network and endpoints, and detecting breaches and lateral intrusions, is something that Knogin's CyberEASY can help you with.
Find out how CyberEASY helps companies improve their security posture

This latest massive records breach unfortunately highlights the importance of having the proper tools, processes and procedures in place.


When there are important breaches that might affect you, we will let you know here in The Breacher Report. Here is the latest... Eurostar.

According to a report by the BBC, Eurostar has reset its customers' login passwords after detecting attempts to break into an unspecified number of accounts.

Eurostar has forced all of its customers to reset their passwords after detecting an "unauthorised attempt" to hack into its systems and access their accounts. 

According to a spokesman for Eurostar, "We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access eurostar.com accounts using your email address and password," the company told customers. 

"We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log in during this period, there's a possibility your account was accessed by this unauthorised attempt."


Hello Admin 12345, your days are numbered.

October 8, 2018 4:31:24 PM EDT / by Joe Mangano posted in Cyber News, Cybersecurity Awareness


Have you ever heard of a ‘common sense law’? Well, California just passed SB327, which raises cybersecurity standards. And it is great timing too, because it’s October and it’s National Cyber Security Awareness Month.

But first, what is a ‘common sense law’? When something is ‘common sense’ and ultimately good for you, yet not enough people are doing that ‘something’, the lawmakers create a law that requires you to do that ‘something’. An example would be ‘seat belt laws’ in the US.


Sectors Investing the Most and Least on Cyber Security in 2018

August 28, 2018 3:02:25 PM EDT / by Joe Mangano posted in Cyber News


According to a recent article by Nathan Kitto published in BusinessNewsWales, the frequency and severity of cyber-attacks and breaches have risen exponentially over the last few years. So much so that figures from the Business Continuity Institute (BCI) show that 53% of UK firms now consider a cyber-attack the main threat facing them in the near future.
