Hotel giant Marriot have revealed that a massive cybersecurity breach has led to the theft of personal data of more than 500 million customers. They say that this breach came after a string of attacks that were made in the past which hit the company’s own cyber-incident response team.
Marriot say that their security is facing probes from multiple government bodies, including New York Attorney General’s office. They say that European regulators such as the U.K. information commissioner, that are capable of fining companies with a huge amount as per the GDPR rules, are also looking seriously into the matter.
Senator Roy Wyden believes that in such situations, no one but the hotel giant is to blame. He claims that in spite of stringent rules and regulations around cybersecurity breach, big companies need to bear the brunt of multibillion-dollar fines and jail time for senior executives as a lesson to take data privacy seriously.
The hotel and hospitality giant say that they suspect Russian cybercriminals behind this wrongdoing. They also say that they have evidence that points towards the perpetrators and are in the process of taking legal action against the group.
Backing this claim, Marriot acquired Starwood chain of hotels claim that they have been haunted by many cybersecurity breaches in the past. They say that they have images and screenshots of cybercriminal access to Starwood’s corporate portals that were initiated by Russian botnets (since they belonged to a small group of Russian-speaking hackers).
Alex Holden, founder of Hold Security believes that when Starwood’s network was hacked, Marriot revealed that an SQL injection caused issues in the company’s corporate database portal. He claims that this vulnerability that was never completely repaired in the first place might have led to the cybersecurity breach that took place days ago.
In closing, the hotel giant has said that they will bounce back with an action-oriented plan that will help them secure the data of its treasured customer base. This cybersecurity breach reminds us of the recent string of events where big corporations like Zoho and Microsoft have been hit by cyber attacks.