Home » Blog » data breach

Tag: data breach

hacked email

Marriott Hotels Exposed 500 Million Customer Records. Make Sure Your Business Doesn’t Suffer the Same Fate.

Up to 500 million travelers could be compromised as hotel chain Marriott International have announced a security breach in their guest database. Analysts recently alerted the firm to a vulnerability that has granted hackers access to the hotel chain’s systems since 2014.

The firm announced their Starwood Preferred Guest (SPG) loyalty program was compromised for an extended period which left customers vulnerable. The exploit exposed critical guest information which included names, addresses, passport numbers, and dates of birth. Marriott also announced an unknown number of customers had encrypted credit card details stolen in the attack.

If you have been a member of Marriott’s Preferred Guest Program or a customer of Marriott hotels in the past, you should take steps today to ensure your data security. By doing so, you can protect your finances, prevent identity theft, and defend your data from attackers looking to exploit an opportunity.

Secure Your Data

Changing your Marriott password should, of course, be the first step to protecting your accounts. Even more importantly, sites where that same password may have been reused should be updated with new credentials too. Hackers commonly try details stolen from one site to access popular services and pages. We encourage everyone to use a password manager to store their details for safe use in the future. A good password manager enables unique, random, and strong passwords to be used with ease for every single website.

While we can’t stop hacks on systems outside of our control; we can defend our other accounts from being accessed by criminals.

With secure password management, attacks on your business services or related accounts from a single hack are made impossible.

Performing Damage Control

The damage to the Marriott International brand following news of the leak will be undoubtedly huge. At a minimum, they have lost the trust of their customers worldwide. Asking customers to leave their personal and financial details again to pay for goods and services will be no small feat.

News of the hack made front page news as it broke, further damaging the firm’s reputation among potential future customers too. As a result of a simple security attack, Marriott International will be forced into damage limitation to keep customers returning to the brand. This is why business security matters to us; when done right it’s cheaper by far.

The total cost of this latest attack won’t be known for years to come. The firm is vulnerable to lawsuits worldwide, in some cases liable for financial losses, and required to purchase identity monitoring and security services for affected customers. Business owners can learn from Marriott’s costly lesson.

Stopping an Attack in its Tracks

Marriott’s security breach was recently discovered, hitting the headlines just this week, but the firm admitted unauthorized access took place since 2014. This means the firm had a security hole for four years that they were unable to detect or patch.

For a firm of any size, this should be unacceptable. As business owners, we shouldn’t accept security vulnerabilities that leave our records, finances, or services open to hackers. As customers, we shouldn’t accept our data being treated so carelessly. The recent Marriott hack underlines the need for businesses to maintain constant network monitoring, regular security updates, and a lockdown on data access.

Protect Your Business and your Customers – Any business can find their systems vulnerable to attack at some point. Whether waiting for updates, a newly released zero-day hack, or malicious employee; responsible firms take steps to limit their liability.

As a rule, staff accounts should be locked to only the systems the regularly need to access. Similarly, customer data should only be open on an as-needed basis when a legitimate requirement exists. These steps, alongside systems and data monitoring, prevent a small-scale attack resulting in an enormous data breach. Strong security enables customers to place and maintain their trust in a brand they can keep coming back to again and again.

If your business could use a security update to protect against a Marriott style attack in the future, give us a call today at 570-779-4018.

The True and Unexpected Costs of Being Hacked

There are the normal costs everyone associates with a breach, like getting your own server and computers fixed up, with maybe a little downtime. But really, most businesses view the possibility of getting hacked as more of an inconvenience than a bottom-line cost. For those who’ve come out the other side though, it’s a very different story. They know the hidden and ongoing costs of a data breach can be crippling, and that IT security exists to protect your business on multiple levels. All those surprise costs that spiral out of control are why most businesses close after a cyber-attack. Here are a few of the hard, but common realities of life after a hack.

Raiding the budget to reduce downtime

From the moment a cyber-attack gets into your system, things get expensive, and the longer the attack goes, the more it costs. Latest stats reveal most breaches aren’t identified for around 191 days, then it can take on average another 66 days to contain the damage. During this time you’re cleaning PCs, mobile devices, laptops, servers and even entire networks. Add to this the fee for experts to fix everything up, all the new tools and software they insist you have, and all the hours/days/weeks when your business is struggling with downtime, you’ll exhaust your emergency funds very quickly.

The long arm of the law

Depending on what data was stolen and how you handled the situation, you could be liable for fines into the millions. Having any medical data or legal files leak is a particularly messy scenario with fines coming from multiple sources. In any case, new privacy laws mean businesses are liable for massive fines if they don’t disclose a data breach, even if only email addresses were stolen. Where this gets even trickier is that the burden is on your business to know exactly what data has been stolen/illegally accessed, so you can report it before the fines stack up. This means that even if you were able to fix up the systems yourself, you still need to hire an expert who can identify exactly what the hackers took, from where and when.

Customer retention measures

In a double-down crush to your bottom line, not only does your business have to bear the cost of the hack, your future income takes a hit as customers lose trust and leave. To offset this, many businesses need to engage PR experts, spend more on advertising, and go all out to ensure they survive to fight another day. Even so, your breach disclosure will still come up in search results for many years. The more negative publicity your breach attracts, the more you’ll need to spend on customer retention.

All your secrets exposed

While you may not have Pentagon level secrets to protect, your business does have information that you’d like to keep to yourself. Hackers love going after those juicy tidbits, and the more closely you guard them, the more attractive they are. Think Coca Cola recipe, Big Mac Secret Sauce or 11 Herbs & Spices…While those corporations would be big enough to keep their competitive edge after the breach, your business success relies on at least some information staying secret. It may not be a secret recipe, but your proprietary methods and databases have a black-market value all of their own.

But simply avoiding a breach doesn’t cost much at all…

The thing is, it’s not expensive to stay on top of it all and keep your business protected. For a low monthly fee, we can reverse the entire scenario and secure your systems against the unknown. That means no need to raid other department budgets in a panic, pay crippling fines, make embarrassing public announcements, or fight to retain your competitive edge.

We can help with making sure your systems have the latest security patches and your anti-virus knows the latest tricks to watch for. Our technicians can build a virtual fortress around your business that keeps the bad guys out while letting you thrive, and even monitor security with early warning systems. Whatever your needs are, both now and moving ahead, we’re here to help keep you safe while keeping your IT costs low.

Ready to secure your business against breaches? Give us a call today on 570-779-4018.