Home » Blog » financial details

Tag: financial details

hacked email

Marriott Hotels Exposed 500 Million Customer Records. Make Sure Your Business Doesn’t Suffer the Same Fate.

Up to 500 million travelers could be compromised as hotel chain Marriott International have announced a security breach in their guest database. Analysts recently alerted the firm to a vulnerability that has granted hackers access to the hotel chain’s systems since 2014.

The firm announced their Starwood Preferred Guest (SPG) loyalty program was compromised for an extended period which left customers vulnerable. The exploit exposed critical guest information which included names, addresses, passport numbers, and dates of birth. Marriott also announced an unknown number of customers had encrypted credit card details stolen in the attack.

If you have been a member of Marriott’s Preferred Guest Program or a customer of Marriott hotels in the past, you should take steps today to ensure your data security. By doing so, you can protect your finances, prevent identity theft, and defend your data from attackers looking to exploit an opportunity.

Secure Your Data

Changing your Marriott password should, of course, be the first step to protecting your accounts. Even more importantly, sites where that same password may have been reused should be updated with new credentials too. Hackers commonly try details stolen from one site to access popular services and pages. We encourage everyone to use a password manager to store their details for safe use in the future. A good password manager enables unique, random, and strong passwords to be used with ease for every single website.

While we can’t stop hacks on systems outside of our control; we can defend our other accounts from being accessed by criminals.

With secure password management, attacks on your business services or related accounts from a single hack are made impossible.

Performing Damage Control

The damage to the Marriott International brand following news of the leak will be undoubtedly huge. At a minimum, they have lost the trust of their customers worldwide. Asking customers to leave their personal and financial details again to pay for goods and services will be no small feat.

News of the hack made front page news as it broke, further damaging the firm’s reputation among potential future customers too. As a result of a simple security attack, Marriott International will be forced into damage limitation to keep customers returning to the brand. This is why business security matters to us; when done right it’s cheaper by far.

The total cost of this latest attack won’t be known for years to come. The firm is vulnerable to lawsuits worldwide, in some cases liable for financial losses, and required to purchase identity monitoring and security services for affected customers. Business owners can learn from Marriott’s costly lesson.

Stopping an Attack in its Tracks

Marriott’s security breach was recently discovered, hitting the headlines just this week, but the firm admitted unauthorized access took place since 2014. This means the firm had a security hole for four years that they were unable to detect or patch.

For a firm of any size, this should be unacceptable. As business owners, we shouldn’t accept security vulnerabilities that leave our records, finances, or services open to hackers. As customers, we shouldn’t accept our data being treated so carelessly. The recent Marriott hack underlines the need for businesses to maintain constant network monitoring, regular security updates, and a lockdown on data access.

Protect Your Business and your Customers – Any business can find their systems vulnerable to attack at some point. Whether waiting for updates, a newly released zero-day hack, or malicious employee; responsible firms take steps to limit their liability.

As a rule, staff accounts should be locked to only the systems the regularly need to access. Similarly, customer data should only be open on an as-needed basis when a legitimate requirement exists. These steps, alongside systems and data monitoring, prevent a small-scale attack resulting in an enormous data breach. Strong security enables customers to place and maintain their trust in a brand they can keep coming back to again and again.

If your business could use a security update to protect against a Marriott style attack in the future, give us a call today at 570-779-4018.

4 Simple Tips to Keep Your Internet Banking Safe

Online banking has boomed in the past few years to become the new norm. Branches are out and apps are in. Half the time when you visit a branch, you’re steered towards a computer for a DIY transaction – with optional assistance. But is internet banking really safe? You’re always told to keep your financial details private, but now also to jump on board the online banking train – talk about a push/pull scenario! The good news is you CAN bank safely online with a few simple precautions.

Always type in the website address

Many attackers will attempt to trick you into clicking a fake link to your bank website. Usually sent as a ‘phishing email’, they’ll claim there’s a problem and ask you to click through to your bank and correct it ASAP. The link points to a fake website that looks almost exactly like your real bank site and is recording your private account info. You can avoid scams like this simply by accessing your bank by manually typing in the website or using a bookmark.

Avoid public computers and networks

Jumping onto a PC at the library or mall might seem like a quick and easy way to check your account, but public computers are often targeted by scammers. In just a few moments, they can install keyloggers to record usernames, passwords and other private data, then sit back as all future user details are emailed to them. The same problem applies with free, unsecured Wi-Fi. You’re better off using an ATM or a data-enabled smartphone.

Use a strong password with 2- factor authentication

Create a unique password for your online banking, something you’ve never used anywhere else. Mix up words, numbers and symbols to create a complex password that can’t be guessed easily. Avoid giving attackers a head start with data they can find on Facebook, like kids names, pet names, birthdates, etc and really think outside the box. And of course, never write it down anywhere near your wallet, phone or computer. If remembering is likely to be an issue, you might like to consider a secure password manager app. Many banks will also help boost your security with two-factor authentication, sending random codes to your phone (or a special LCD device they provide) to verify any activity.

Check page security before entering data

Finally, take a micro-second to spot the small padlock icon before you enter any data. You’re looking for a padlock appearing as part of the browser itself, not just an image on the webpage. It will be either in the bottom corner or next to the URL. The address will also start with httpS:// instead of http://. If you don’t see these things, the page is NOT secure and you shouldn’t log in.