Malware
Marriott Agrees to Pay $52 Million in Landmark Settlement with FTC Over Massive Data Breaches
Marriott International is set to pay $52 million in a settlement with the FTC following a series of data breaches. Discover how these breaches exposed the personal information of millions of customers and the steps Marriott is taking to strengthen its cybersecurity posture to prevent future incidents.
Big news in the cybersecurity world: Marriott International and its subsidiary Starwood Hotels have settled with the FTC over a series of data breaches that affected more than 344 million customers. The FTC order carries no fine, but it requires Marriott to build and maintain a comprehensive information security program; in a parallel settlement, Marriott has agreed to pay $52 million to 49 states and the District of Columbia.
What does this mean for you, the U.S. consumer? For starters, Marriott and Starwood will have to implement a robust security program and let customers request deletion of their personal data.
So, what happened with Marriott?
Marriott International is a major player in the hospitality industry, managing and franchising a huge portfolio of hotels and lodging facilities. They operate over 7,000 properties in 130 countries worldwide.
Starwood, on the other hand, was an American hotel and leisure company until Marriott acquired it in 2016. This acquisition made Marriott responsible for data security and related hotel operations.
The announcement from the FTC shines a light on three cases where Marriott dropped the ball when it came to protecting its customers’ information.
First, there was a data breach in June 2014 in which many Starwood customers’ payment card information was exposed. It took 14 months for this breach to be discovered and publicly disclosed, which left affected clients exposed to elevated risks for over a year.
Then, there was a second incident where hackers accessed 339 million Starwood guest account records, including 5.25 million unencrypted passport numbers. This breach occurred in July 2014 but wasn’t detected until September 2018, again leaving customers exposed for multiple years.
Lastly, a third breach impacted Marriott itself. In September 2018, malicious actors accessed the records of 5.2 million guests. The exposed data included names, email addresses, postal addresses, phone numbers, dates of birth, and loyalty account information. Marriott didn’t discover this compromise and inform its clients until February 2020.
What’s the deal with the settlement?
The FTC alleges that Marriott and Starwood misled consumers about their data security practices. Failures cited in the complaint include poor password controls, outdated and unpatched software, and a lack of appropriate monitoring of their IT environments.
As part of the settlement agreement, Marriott and Starwood will now have to:
- Establish a comprehensive information security program, complete with third-party assessments every two years and annual compliance certification for 20 years.
- Limit data retention to only what’s necessary and inform customers of the reason for collecting and keeping their data.
- Allow customers to request reviews of unauthorized activity in their loyalty accounts and restore stolen points.
- Provide a way for customers to request deletion of personal information linked to their email or loyalty account.
- Prohibit misrepresenting how personal data is handled and ensure transparency in security practices.
Marriott has also reached a separate settlement with 49 states and the District of Columbia, agreeing to pay $52 million to resolve allegations and claims related to the above security incidents.
What can you do to protect yourself?
Data breaches like these are a harsh reminder that we need to be vigilant about our online security. Make sure to use strong, unique passwords for each of your accounts and keep an eye on your financial and loyalty accounts for any suspicious activity. Consider using a password manager to help you keep track of your passwords securely.
And remember, we’re always here to help. If you have any questions about cybersecurity or want to learn more about protecting your personal information, don’t hesitate to reach out to us. We’re committed to helping you stay informed and secure in this ever-changing digital landscape.
Malware
Cisco Says DevHub Site Leak Won’t Enable Future Breaches
Cisco says a recent data leak from its DevHub site will not enable future breaches of its systems. The leak exposed non-public files, including some belonging to customers, but Cisco states that it found nothing in them that could be used to access its production or enterprise environments.
Recently, a threat actor managed to download non-public files from a misconfigured public-facing DevHub portal. Although this sounds alarming, Cisco says the exposed documents do not contain information that could be exploited in future breaches of its systems.
What exactly was exposed?
Upon analyzing the exposed documents, Cisco found that their contents mostly consist of data it publishes for customers and other DevHub users. However, files that shouldn’t have been made public were also available, some belonging to CX Professional Services customers.
“So far, in our research, we’ve determined that a limited set of CX Professional Services customers had files included and we notified them directly,” Cisco said.
Cisco’s teams assessed the content of those files and say they have not identified any information that an actor could have used to access any of Cisco’s production or enterprise environments.
What actions has Cisco taken?
Cisco has since corrected the configuration and restored public access to the DevHub site. It also confirmed that web search engines had not indexed the exposed documents.
This update comes after Cisco confirmed last month that it had taken its public DevHub site (a resource center where it publishes software code, templates, and scripts for customers) offline after a threat actor leaked what the company described at the time as “non-public” data.
Cisco also says it found no evidence that any financial data or personal information was exposed or stolen from the public DevHub portal before it was taken offline.
What about the alleged access to a developer environment?
The threat actor behind the leak, IntelBroker, claimed to have also gained access to a Cisco JFrog developer environment through an exposed API token. While Cisco maintains that its own systems have not been breached, information shared by the threat actor indicates that they also compromised a third-party development environment and stole data from it.
Cisco has been asked further questions about IntelBroker’s claims but has not yet replied.
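Cisco has not said what the exposed API token looked like or how it became reachable, so the following is an added example rather than Cisco’s code or a description of DevHub internals. It shows the kind of pre-publish check that belongs in front of any portal that hosts code, templates, and scripts: a scan for credential formats whose shape the vendor documents, plus a Shannon-entropy test on values assigned to secret-looking variable names, which catches tokens with no recognisable prefix. The sample files, the `ARTIFACTORY_TOKEN` variable name, and every token value below are constructed for the example; none is a real credential.

```python
"""Pre-publish secrets scan for files bound for a public developer portal.

Added example, not Cisco's code: it combines two checks worth running on
code, templates and scripts before they are published. (1) Regexes for
credential formats whose shape the vendor documents (AWS access key IDs,
GitHub tokens, PEM private keys). (2) A Shannon-entropy test on values
assigned to secret-looking variable names, which catches tokens that have
no recognisable prefix. SAMPLE_FILES and every token in them are
constructed for this example; none is a real credential.
"""
import math
import re
from collections import Counter

# Credential formats with a documented, recognisable shape.
KNOWN_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# `NAME = value` or `NAME: value` where NAME contains a secret-ish word and
# value is 16+ characters drawn from the base64 / URL-safe alphabet.
ASSIGNMENT = re.compile(
    r"(?i)([\w.\-]*(?:key|token|secret|password|passwd|pwd)[\w.\-]*)"
    r"\s*[:=]\s*['\"]?([A-Za-z0-9+/=_\-]{16,})"
)

# Bits per character. Random base64 tokens score above 4.5; English
# placeholders such as "your-own-password-here" score around 3.5.
ENTROPY_THRESHOLD = 4.0


def shannon_entropy(value: str) -> float:
    """Entropy in bits per character, estimated from the value's own histogram."""
    if not value:
        return 0.0
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in Counter(value).values())


def redact(value: str) -> str:
    """Never echo a suspected secret in full; a short prefix is enough for triage."""
    return f"{value[:4]}...({len(value)} chars)"


def scan_text(path: str, text: str) -> list:
    """Return one finding per suspected secret in `text`."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        reported = set()
        for kind, pattern in KNOWN_PATTERNS.items():
            for m in pattern.finditer(line):
                reported.add(m.group(0))
                findings.append({"path": path, "line": line_no,
                                 "kind": kind, "value": redact(m.group(0))})
        for m in ASSIGNMENT.finditer(line):
            name, value = m.group(1), m.group(2)
            if value in reported:
                continue  # already caught by a known pattern
            if shannon_entropy(value) >= ENTROPY_THRESHOLD:
                findings.append({"path": path, "line": line_no,
                                 "kind": "high_entropy_" + name.lower(),
                                 "value": redact(value)})
    return findings


def scan_files(files: dict) -> list:
    """Scan a {path: contents} mapping; findings come back ordered by path."""
    findings = []
    for path in sorted(files):
        findings.extend(scan_text(path, files[path]))
    return findings


# Constructed sample portal content. The AWS key ID is the placeholder from
# AWS's own documentation; the other two tokens are made-up strings.
SAMPLE_FILES = {
    "docs/README.md": (
        "Set password = your-own-password-here before running.\n"
        "checksum: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\n"
    ),
    "scripts/backup.py": (
        "AWS_ACCESS_KEY_ID = 'AKIAIOSFODNN7EXAMPLE'\n"
        "bucket = 'nightly-backups'\n"
    ),
    "scripts/deploy.sh": (
        "#!/bin/sh\n"
        "export ARTIFACTORY_TOKEN=q7Rk2mZp9Lw4Xs8Vn3Hy6Td1Bf5Gc0Ju\n"
        'curl -H "Authorization: Bearer $ARTIFACTORY_TOKEN" '
        "https://artifactory.example.invalid/api/repositories\n"
    ),
    "templates/ci.yaml": (
        "env:\n"
        "  GITHUB_TOKEN: ghp_AbCdEfGhIjKlMnOpQrStUvWxYz0123456789\n"
        "  vlan: 10\n"
    ),
}

if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f['path']}:{f['line']}: {f['kind']} {f['value']}")
```

Run against the sample set, the scan reports the AWS key ID and the GitHub token by format and the Artifactory token by entropy, while the README placeholder (entropy about 3.5 bits per character) stays quiet. The AWS placeholder scores only about 3.7 bits per character, which is why a format rule is needed alongside the entropy test. Two caveats: a scanner like this misses tokens that are split, encoded, or stored outside the scanned files, so it is a gate rather than a guarantee; and any token that has already reached a public portal must be revoked, since removing the file does not undo the exposure.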
What’s the takeaway from all of this?
While the exposure of non-public files is a concern, Cisco reiterates that the information in those files does not put its systems at risk of future breaches, and says it has corrected the configuration issue and restored access to DevHub. The practitioner’s takeaway is narrower than the reassurance: a misconfigured public-facing portal was enough to hand an attacker files that were never meant to be public, and, if IntelBroker’s claim holds, a single exposed API token was enough to reach a development environment. Both are controls worth verifying before a portal goes live, not after.
As always, your security is our top priority. We encourage you to reach out to us with any questions or concerns, and keep coming back to learn more about how we’re working to protect your data and keep you safe.
Malware
Interbank Admits to Data Breach After Unsuccessful Extortion Attempt and Massive Information Leak
Peruvian bank Interbank confirms a data breach after refusing to pay an extortion demand. The hackers leaked customer information, and the bank says customers’ deposits are safe. Interbank warns clients of potential phishing attacks and urges them to be cautious when providing personal information.
Imagine waking up one day to find your personal and financial information plastered all over the internet. It’s a nightmare scenario, isn’t it? Well, that’s precisely what happened to a group of customers at Interbank, one of Peru’s leading financial institutions, which serves over 2 million people.
Interbank confirms data breach
Interbank recently confirmed that a data breach occurred, with a hacker gaining unauthorized access to its systems and leaking stolen data online. The bank immediately deployed additional security measures to protect its clients’ operations and information. While their online platforms and mobile app experienced temporary outages, Interbank has assured customers that their deposits are safe and that most of their operations are back online.
Stolen data for sale on hacking forums
As if the breach wasn’t bad enough, a threat actor using the handle “kzoldyck” has been spotted by Dark Web Informer selling the stolen data on several hacking forums. The data in question reportedly includes customers’ full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, and sensitive financial information such as credit card numbers and CVV codes, as well as plaintext credentials.
The hacker claims to have information on more than 3 million customers, with a total data cache of over 3.7 terabytes. They also mention possessing internal API credentials, LDAP, and Azure credentials. It’s worth noting that the hacker reportedly attempted to extort Interbank’s management two weeks prior, but the bank refused to pay.
So, what can you learn from this?
As a U.S. reader, you might be thinking, “That’s terrible, but it’s in Peru, so it doesn’t affect me.” Unfortunately, that’s not the case. Cybersecurity threats know no borders, and hackers are constantly seeking out new targets. Data breaches have become increasingly common in recent years: the Identity Theft Resource Center’s 2021 annual report counted 1,862 publicly reported data compromises in the U.S., a 68% increase over 2020.
This case serves as a stark reminder that no one is immune to the dangers of cyber threats. It’s essential to stay vigilant and educate yourself on how to protect your personal and financial information. Consider working with IT Services who can provide you with guidance and resources to stay one step ahead of the hackers.
Don’t let this happen to you
Be proactive in safeguarding your data and take the necessary steps now to protect your information. Reach out to us at IT Services to learn more about how we can help you and your business stay safe in this digital age. Remember, the best defense is a good offense, so don’t wait for a data breach to happen before taking action.
Malware
Free, France’s No. 2 ISP, Admits to Data Breach Following Shocking Leak
Free, France’s second-largest ISP, has confirmed a data breach exposing subscriber data, including names, addresses, emails, and phone numbers, and, for some subscribers, bank account numbers (IBANs). The company has filed a criminal complaint, notified the French regulators, and is urging customers to watch for phishing attempts and unexpected direct debits.
Imagine waking up one day to find out your personal information has been stolen by hackers. That’s precisely what happened to millions of customers of Free, a major internet service provider (ISP) in France. Over the weekend, the company confirmed that its systems were breached, and customer data was stolen.
Free is no small player in the telecommunications industry. With over 22.9 million mobile and fixed subscribers at the end of June, it’s the second-largest telecommunications company in France and a subsidiary of the Iliad Group, Europe’s sixth-largest mobile operator by the number of subscribers. That’s a lot of people potentially affected by this breach!
The company has taken action by filing a criminal complaint with the public prosecutor and notifying the French National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI) of the incident.
What happened and who is affected?
According to a Free spokesperson, the hack targeted a management tool and exposed subscribers’ data. Thankfully, the attackers did not access customer passwords, bank card information, or communications content (including “emails, SMS, voice messages, etc.”). However, the data that was stolen is now being auctioned on BreachForums to the highest bidder.
The threat actor responsible for the breach, known as “drussellx,” claims that the breach affects almost a third of France’s population: 19.2 million customers, with over 5.11 million International Bank Account Numbers (IBANs). According to the actor, the dump covers all Free Mobile and Freebox customers and includes the IBANs of all 5.11 million Freebox subscribers.
How can you protect yourself?
Free has assured its customers that the stolen IBANs are “not enough to make a direct debit from a bank.” That is true in principle, since a SEPA direct debit requires a mandate, but fraudulent mandates are set up with nothing more than an IBAN, so subscribers need to stay vigilant against phishing attempts and watch their statements. Never communicate your access codes or bank card information, whether by email, SMS, or during a call. If you notice an unusual direct debit that doesn’t correspond to any known invoice amount or date, inform your bank: it is obliged to reimburse you for unauthorized debits, and under SEPA rules an unauthorized direct debit can be disputed for up to 13 months after the debit date.
So, what can we learn from this incident? Cybersecurity threats are real and can affect anyone, even major telecommunications companies. It’s crucial to stay informed about potential risks and take steps to protect our personal information.
Stay informed and stay protected
As your trusted IT Services provider, we’re here to help you stay informed about cybersecurity threats and keep your information safe. Our team of experts is always on the lookout for the latest cybersecurity news, trends, and best practices. So don’t hesitate to contact us for guidance and advice on how to keep your data secure. And remember, knowledge is power – the more you know about cybersecurity, the better equipped you’ll be to protect yourself and your information.