INSUBCONTINENT EXCLUSIVE:
Marriott flag hangs at the entrance of the New York Marriott Downtown hotel in Manhattan
seeking $12.5 billion in damages, cyber security experts today asked nearly 500 million affected customers globally to change passwords and
take other precautions.According to a report in ZDNet on Monday, the lawsuits were filed in the US state of Oregon and Maryland."While
plaintiffs in the Maryland lawsuit didn't specify the amount of damages they were seeking from Marriott, the plaintiffs in the Oregon
lawsuit want $12.5 billion in costs and losses," said the report.Marriott International on November 30 revealed that its guest reservation
system was hacked, exposing the personal information of approximately 500 million guests.According to cyber security experts, questions need
to be asked as to how 500 million guests have been affected by this data breach."While we''re still only beginning to assess the true extent
of the attack, ultimately, the security solutions the Starwood Hotels and Marriott Group had in place clearly weren''t sufficient enough if
it allowed an unauthorised third party to get into the system," said David Emm, Principal Security Researcher at Kaspersky Lab."The data was
encrypted, but the attackers potentially stole the keys too - highlighting that an extra layer of security should have been in place to
prevent this from happening
This data breach is now one of the most critical data breaches in history," Emm said in a statement.The hotel chain said the hack affected
its Starwood reservation database, a group of hotels it bought in 2016 that included the St
Regis, Westin, Sheraton, W Hotels, Le Meridien and Four Points by Sheraton.According to John Shier, Senior Security Advisor, Sophos, the
potential fallout from the Marriott''s Starwood data breach should be alarming to anyone who has stayed at a Starwood property in the last
four years."Not only are guests at risk for opportunistic phishing attacks, but targeted phishing emails are almost certain, as well as
phone scams and potential financial fraud," said Shier.Unlike previous breaches, this attack also included passport numbers for some
individuals who are now at increased risk for identity theft."At this point, however, it''s unclear what level of exposure each individual
victim has been subject to
Until then, all potential victims should assume the worst and take all necessary precautions to protect themselves from all manner of
scams," said Sophos.Be on alert for spearphishing, opportunistic phishing, monitor your financial accounts and change passwords as a
precaution, it added.Marriott said that it reported the breach to law enforcement and was also notifying regulatory authorities
The hotel chain shares witnessed a maximum 8.7 per cent drop after announcing the data breach.
