It seems that hacking and breaches are the season. It seems hackers are determined to hack systems and steal the personal information of innocent users. Quora reported its breach on December 7, 2018 and Marriott reported its breach on November 30, 2018.
Marriott data breach:
Here’s what we know about the Marriott data breach.
Starwood’s guest reservation database was affected by a security incident
Starwood brands include W Hotels, St. Regis Hotels & Resorts and Westin Hotels & Resorts. Element Hotels, Aloft Hotels and The Luxury Collection. Four Points by Sheraton, Le Meridien Hotels & Resorts are also included. Starwood branded timeshare properties (Sheraton Vacation Club, Westin Vacation Club, The Luxury Collection Residence Club, St. Regis Residence Club, and Vistana) are also included” (Reference: https://answers.kroll.com/)
This Starwood hotel group was purchased by Marriott in 2016.
All Starwood guests who stayed at Starwood properties on or before September 10, 2018, may have their data compromised
The 2014 Starwood guest database could have been accessed by someone else.
It is possible that information about approximately 500 million guests could have been compromised
Information such as name and mailing address, phone number and email address, passport number, Starwood Guest (“SPG”) account information and date of birth, gender and arrival and departure information, reservation dates, communication preferences, and reservation date may have been compromised for 327 million guests.
Other information that could have been stolen include payment card numbers, expiration dates, and payment card numbers. Although the payment card numbers were encrypted using AES-128 bit encryption, there is still a possibility that they could have been accessed.
What are you doing?
Marriott has reported the breach to law enforcement
To answer any questions about the breach, Marriott has established a call center in several countries.
All Starwood guests have received an email notification
Patrons and guests are also asked to sign up for WebWatcher, a monitoring program that remotely tracks emails, SMS, Twitter, and other communications. This is done in order to track any private information that may have been leaked on any social networking sites.
Marriott may pay for US passports for the affected patrons if they can show that they were affected by fraud
What can you do?
For any unusual charges, users are asked to keep an eye on their bank account and credit card statements.
Users are also asked to change their passwords
It is important to be vigilant and watch out for fraudulent activity. If you see anything suspicious, alert the local law enforcement immediately.
Patrons who suspect that their US passport has been compromised should apply for a new passport.
Quora data breach:
Question and answer site ‘Quora,’ reported a unauthorized access that affected 100 million customers’ personal details on December 7, 2018.
What was the compromise?
Name, email address, encrypted passwords, data from other accounts
Upvotes, downvotes and answer requests. Questions, answers, and more.
Answers and questions from anonymous users were not affected
What is Quora doing?
All users who were allegedly breached were logged out and asked to log in with a new password
So that such incidents don’t happen in the future, security improvements are promised
What can you do?
Passwords for ‘Quora’ and other passwords need to be changed
It is important to ensure that passwords are different for different sites.
It is also a good idea to not link sites so that hackers cannot gain access to personal information via other sites even if one site is compromised.