Marriott Data Breach 2020: When and How Did It Happen?
The breach was identified at the end of February 2020 and dates back to mid-January 2020.
Marriott says it discovered in late February that the network of an unspecified hotel chain had been hacked, and hackers who obtained the login credentials of two Marriott employees may have accessed the guest details. The firm has reason to believe the operation began as early as mid-January.
The breach may have taken personal details such as names, birthdates, and telephone numbers, along with language preferences and loyalty account numbers.
Marriott stated, “While our investigation is continuing, we currently have no reason to assume that the details involved included passwords or PINs for Marriott Bonvoy account, payment card details, passport information, national IDs or driver’s license numbers.”
Adding to it, Marriott said it contacted guests whose details may have been taken via email and launched a website dedicated to those who were affected. The company offered the program for tracking the personal information of visitors whose details could have been compromised.
The hotel giant announced another data breach in late 2018, which affected up to 500 million guests while staying at its subsidiary, Starwood, purchased by the company in 2016.
It could be considered an honest mistake to suffer one data breach but to suffer two in less than two years looks like carelessness. There are some promising signs that the company has learned some valuable information security lessons in spite of how it may look to an outsider. From this experience, the entire hospitality industry should now know better.
What does the Hotel Industry do to avoid data breaches like Marriott’s?
1. Develop a Security-Centric Culture at the Top Level.
When the security of customer identities and profiles is priority number one. A security-centric mindset ensures a serious approach to customer data security. The approach should be top-down instead of bottom-up, with responsibility resting with the CEO and board.
#2 Stay ahead of the security curve.
It’s okay to be cautious in adopting innovations, but when it comes to customer data security products, companies should be proactive, constantly reviewing and trying new developments to stay ahead of hackers.
#3 Make your security spend for customer data security unbudgeted.
Invest whatever it takes to protect sensitive customer data. Yes, stay within your financial metrics, but don’t cap the budget, because capping it means you’re compromising. Give the security team whatever they request to protect the brand. It’s not going to cost billions.
#4 Recognize that customer data security is not a cost centre but a revenue centre.
Companies need to understand that customer data security is part of the revenue centre, not the cost centre. With better security, you are not only preventing breaches, but you are also building trust within your customer base to generate more revenue.
Let’s hope that Marriott and its peers in the travel industry have learned that, while the security of customer accounts may not be their core business, it still needs to be priority number one.
I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.
Download Our App.
CEHNigeria On Google Playstore
Download Our Blog App On Google Playstore.
GET SEOPOZ. OUTSMART YOUR BLOG COMPETITORS
Have a deeper understanding of Google Search Console. Join SEOPOZ for free.
Join Our Whatsapp Group Here
Join Our Whatsapp Group
Follow Us On Twitter and I will Follow Back
Follow Us On Twitter
Kindly follow me on Twitter and I promise I will follow back. Aside you will get updated when we post new articles.