One of the worst private data breaches of 2018: 500 millions Marriott guests’ records may have been stolen
December 17, 2018 at local time in Chicago. Marriott International Group claimed that their 500 millions guests private data may have been stolen by hackers.
Among them, the information compromised data of 327 millions guests included：
- telephone number
- passport number
- email address
- account number
- arrival and departure information
Some credit card numbers have also been leaked, which means that once the information is decoded, it will bring a series of unpredictable risks to the guest.
After the incident, the Marriott Group issued an official statement which mainly includes that Marriott:
- Reported this incident to the public and admitted that since 2014 there had been unauthorized third-party access records to the Starwood network.
- Reported the incident to law enforcement and relevant regulatory authorities. Established a dedicated website and a call center to provide aftercare service for consumer worldwide.
- Emailed each consumer (who has reserved email before) this incident and remedial measure. Provided a one-year free registration Webwatcher, a tool which could constantly monitor the risk of any data breach.
- Would gradually phase out the current database management system (DBMS).
In the hotel industry, the leakage of user information has already become extremely frequent. It’s necessary to establish an absolute legal bottom line in the aspect of UIM. The star rating criteria for the hotel industry should also take the level of protection of the database into account.