In November 2018, global hotel chain Marriott disclosed one of the biggest data breaches of all time where the records of half a billion customers were stolen. The misappropriated data included personally identifiable information, payment card details, and passport numbers. Aside from the immense scope of the attack, what also made it so notable was the fact that Marriott took three months to disclose the breach. Here’s what business owners in Atwater should learn from the event:
#1. Don’t be fooled again
Shortly following its acquisition by Marriott in 2015, Starwood reported a relatively minor data breach that targeted its point-of-sale systems used in various shops and restaurants. Although it remains unknown whether the two breaches were connected, what it does demonstrate is that victims of cybercrime can be targeted more than once.
Hackers often target the same companies because they know them to be easy targets. However, some smaller attacks are actually carried out as smokescreens to draw attention away from more severe breaches.
#2. Traditional security measures still play a role
One of the first things you often hear from technology vendors and cybersecurity experts (including us!) after a severe breach is that victims should hurry to modernize their security infrastructures. That’s usually good advice considering how often hackers rely on exploiting old or unsupported systems. However, this doesn’t tell the whole story.
A primarily proactive approach towards information security should still be accompanied by more traditional, reactive measures. Although things like training and next-generation antivirus are critical, conventional firewalls still play a role.
#3. Mergers and acquisitions present serious technical challenges
Mergers and acquisitions come with enormous technical challenges. These bring together two starkly different infrastructures, which inevitably creates incompatibility issues and information silos. During the process, security often ends up being compromised.
For example, following the $13 billion purchase of Starwood, Marriott found itself needing to merge disparate reservation systems and loyalty programs with data stored in multiple databases. That’s why data migrations — whether large and small — need to proper planning and expert guidance.
#4. Encryption keys should always be kept away from encrypted data
The precise number of records compromised in the Marriott data breach remains unknown to this day and the approximation has been revised several times. The main reason for this is that the hackers encrypted the data they gained access to before misappropriating it. It was extremely difficult to identify which records had been stolen, since Marriott’s data loss prevention system couldn’t pick them up. To guard against such incidents, it’s necessary to store encryption keys on a network separate from the data itself.
#5. Rapid detection and response planning are critical
Because of the catastrophic data breach of 2018 and their failure to disclose it immediately, Marriott is now facing multiple class-action lawsuits. Breach notification laws require that companies disclose incidents within a given time frame, which is typically 45 days. They are also legally obligated to maintain an up-to-date and documented security policy and to take all reasonable precautions to protect customer data in the first place.
In the end, the Marriott data breach should serve as a wake-up call to every organization, regardless of its size or industry, that a multilayered approach to information security is essential in this day and age. Everything from preventative measures to response procedures and 24/7 monitoring solutions should be included.
Valley Techlogic serves businesses in Central California with dependable technology advice and solutions that help boost information security, enhance scalability, and reduce risk. Call us today to get the support you need.
