Starwood Hotels Starwood Hotel (Sheraton, Westin, etc.) Hacked and stolen information about a database dedicated to the user reservation.
Piracy is no longer a rare thing for businesses. But this marks its importance. On Friday, Marriott Marriott's hotel hotel announced that hackers had "unauthorized access" to the Starwood hotel network, one of its affiliates. More than 500 million users around the world are in the information. This refers to people who have booked different chain brands, such as Westin, Le Méridien, Sheraton, St Regis, Element, W, Four Points or Aloft.
For 327 million victims, stolen data consists of a combination of name and surname, email address, telephone number, postal address or passport number. For other unknown numbers, they are bank data stolen. They are stored in encrypted form, ie Protected. However, Marriott "can not rule out the ability to decrypt data" were also stolen.
Great fines are possible
"We contacted the authorities and supported their investigation," says Marriott International in a statement published on the DIP website, US Stock Exchange Constable. The US group explains that victims of this piracy will soon be contacted via e-mail. "We deeply regret this incident," says Arne Sorenson, CEO of Marriott. "We were disappointed with our customers and we were disappointed with ourselves. We will do everything to support our clients and learn from our mistakes."
The security risk was first discovered in September. However, according to the Marriott investigation, the Starwood network has already been broken several times since 2014. "We discovered that the third party copied and encrypted certain data and tried to remove them from the database," says the hotel group. "On November 19, we managed to decipher this data and find that Starwood reservation database."
The scope of this piracy is particularly serious. In 2017, Yahoo! has recognized several security breaches affecting the total billions of 3 billion people around the world. That same year Equifax, a credit rating expert in the United States, stolen sensitive information about 143 million Internet users. If this incident is hit by European buyers, Marriott faces severe penalties. Since the introduction of the European Data Regulation (RGPD), companies that are victims of security breaches that endanger their customers' data are faced with a fine of up to 4% of their worldwide traffic.