Starwood/Marriott breach is looking to be massive. 500 million impacted with high potential of credit cards as well. Includes usernames, passwords, DOB, address, sec questions, passport numbers, reservation history, and possibility of credit cards.
answers.kroll.com/?fbclid=IwAR29… (1/4)
answers.kroll.com/?fbclid=IwAR29… (1/4)
Alarming wording in the response from Marriott:
1. Cards were encrypted with AES-128 bit (solid encryption) - but can't rule out access to decryption keys.
2. Breach was from 2014, and wording suggests had maintained and persistent OS and network access dating 4 years ago. (2/4)
1. Cards were encrypted with AES-128 bit (solid encryption) - but can't rule out access to decryption keys.
2. Breach was from 2014, and wording suggests had maintained and persistent OS and network access dating 4 years ago. (2/4)
Other alarming trends:
3. Found encrypted data that was decrypted which contained the database of the customer information.
4. Looks to be very early investigation stages as there is not any information about the breach on the logon pages, main website, only on the FAQ.
(3/4)
3. Found encrypted data that was decrypted which contained the database of the customer information.
4. Looks to be very early investigation stages as there is not any information about the breach on the logon pages, main website, only on the FAQ.
(3/4)
Steps for folks:
1. Still way early to tell, but if that password was used in other places, change now. Also change Marriott password although they may still have access to network/systems. Monitor CC and credit.
2. Post breach is always tough because its already gone.
(4/4)
1. Still way early to tell, but if that password was used in other places, change now. Also change Marriott password although they may still have access to network/systems. Monitor CC and credit.
2. Post breach is always tough because its already gone.
(4/4)
