Just fined $ 124 million last year for leaking information.
On March 31, Marriott International Group issued an announcement saying that the group had a data breach in mid-January this year, but was not aware of it until late February. The personal information of approximately 5.2 million hotel customers was affected.
The announcement stated that two employee accounts of a Marriott-owned franchise hotel were suspected of accessing large amounts of visitor information. From mid-January, someone used the login credentials of the two employees to access “more than expected guest information.” After confirming that the attack exists, Marriott has disabled the relevant login credentials, started a cyber security investigation, and implemented High-level monitoring and notification to relevant customers.
The leaked information includes: the guest’s contact information (name, mailing address, email address, mobile phone number); member account information (account number and credit balance, but excluding passwords); other personal information (company, gender, birthday) ; Other service plans (such as airline loyalty programs); Preferences (accommodation / room preferences, language preferences), etc.
However, Marriott states that not every guest has exposed all of the above information, and currently has no evidence that this incident affected the guest’s Bonvoy account password or PIN, payment card, passport number, identity Sensitive information such as ID number or driver’s license number.
Marriott’s remedies include: establishing a self-service website to help guests confirm if their information has been leaked; disabling the passwords of exposed Marriott Bonvoy users, and enabling multi-factor authentication at the next login, requiring them to change their password . In addition, Marriott will provide affected guests with a free one-year IdentityWorks personal information monitoring service.
This is not the first time Marriott has leaked data. Last year, Marriott just paid a US $ 124 million fine to UK data protection regulators for a 2018 data breach. In that hacking case, records of 339 million customers were leaked, involving residents of 31 countries in the European Economic Area and 7 million British residents.
As of press time today, Marriott’s stock price was down 7.08% before the market. Prior to this, From February 21st to March 31st, affected by the epidemic, Marriott’s stock price was cut, and the market value had fallen by half.
After the data breach in 2018 was exposed, Marriott’s stock price fell the most by 8.7%.
2On April 26, 019, Marriott’s CFO Lenny Oberg stated during a conference call with investors that the data breach caused Marriott’s $ 28 million in losses (before taxes), but these losses were covered by approximately $ 25 million in insurance This offset did not affect Marriott’s adjusted revenue.
Although hacker attacks and data leaks generally do not have a long-term impact on corporate stock prices, the impact on users is inestimable.
Peng Sixiang, the head of Tencent’s secure data security team, told 36: After the theft of a lot of personal information, it will flow to the dark web and be traded by hackers. Once information is stolen, it becomes difficult to control the loss.
“General information can be avoided after the information is leaked. It may only be encrypted in advance,” said Peng Sixiang. If the information is recorded in plain text, it is difficult to restrict the black production to it. use. “Some messages carry watermarks, but they can only be a little deterrent to buyers.”
Source of problem map: visualhunt