Podcast Episode Details
Back to Podcast Episodes
Massive Marriott Data Breach, Secure Holiday Shopping Tips, Phishing Sites Using HTTPS – WB45
Watch this episode on our YouTube channel!
This is your Shared Security Weekly Blaze for December 3rd 2018 with your host, Tom Eston. In this week’s episode: the massive Marriott data breach, secure holiday shopping tips, and phishing sites using HTTPS.
Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.
Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
In late breaking news last Friday Marriott, the world’s largest hotel chain, disclosed a massive data breach that was identified on September 8th of this year affecting up to 500 million guests. That will make this data breach one of the largest in history. Apparently, the Starwood guest reservation database had been accessed by an “unauthorized party” since 2014, yes that’s correct someone had access to this database for 4 years. Private information stolen was categorized by Marriott in two groups of guests. First, approximately 327 million guests had some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences accessed. Some of these guests also had their credit card information accessed, even though Marriott states it was encrypted. However, Marriot disclosed that two components used to encrypt the cards (aka: the encryption keys) were potentially stolen as well. For the remaining 173 million guests only name and sometimes other data such as mailing address, email address, or other information was accessed.
In our show notes we’ve linked to a web page that Marriot has set up where you can find additional details as well as to sign up for your “complimentary” monitoring service if you’re one of the victims. If you happen to be a victim, like with other data breaches you should change your password for any Starwood Hotels or Marriott rewards program. And while you’re at it, ensure you’re not saving your credit card details for future use. In general, it’s always advisable to never store your credit card with the sites and services you use. While an inconvenience, the majority of the time, even when credit card data is encrypted, is usually compromised in a data breach when the encryption keys are also found. Per the other usual advice we give, enable two-factor authentication and of course, closely monitor your credit card statements for unusual activity. As this story will likely evolve throughout the week, we’ll keep you updated on our Twitter and Facebook with information about this data breach as we receive it.
Edgewise Networks is the first zero trust platform that stops data breaches by allowing only verified software to communicate in your cloud and data center.
Micro segmentation projects can be costly and difficult, but Edgewise offers a new approach: zero trust segment
Published on 7 years ago