Monthly Archives: November 2018

Marriott Hit by Massive Data Breach: 500 Million Starwood Customers Impacted

Marriott International said early Friday that data on roughly 500 million customers staying at Starwood hotel properties had been compromised in a breach that gave unknown attackers access to the Starwood network since 2014.

The company said it has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property.

The hotel giant said that on September 8, 2018, it received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. The company said it “quickly engaged leading security experts” to conduct an investigation, which found that there had been unauthorized access to the Starwood network since 2014.

“Marriott recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it. On November 19, 2018, Marriott was able to decrypt the information and determined that it was from the Starwood guest reservation database,” the company said in a breach disclosure.

According to the company, customers who made a reservation on or before September 10, 2018 at a Starwood property likely had their information compromised, which the company broke down as follows:

For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128). There are two components needed to decrypt the payment card numbers, and at this point, Marriott has not been able to rule out the possibility that both were taken. For the remaining guests, the information was limited to name and sometimes other data such as mailing address, email address, or other information. Marriott reported this incident to law enforcement and continues to support their investigation.

Marriott completed its acquisition of Starwood Hotels & Resorts Worldwide to create the worlds’ largest hotel company.

Starwood brands include: W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.

Starwood branded timeshare properties were also impacted by the incident.

Marriott said it was working to phase out Starwood systems and accelerate ongoing security enhancements to its network.

Shares of Marriott International are trading down roughly 6% in pre-market trading at the time of publishing. 

 

Via:  securityweek

Congress Approves Creation of New Cybersecurity Agency at DHS

U.S. DEPARTMENT OF HOMELAND SECURITY

Office of Public Affairs


FOR IMMEDIATE RELEASE

November 16, 2018

Cybersecurity and Infrastructure Security Agency

On November 16, 2018, President Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This landmark legislation elevates the mission of the former National Protection and Programs Directorate (NPPD) within DHS and establishes the Cybersecurity and Infrastructure Security Agency (CISA).

  • CISA leads the national effort to defend critical infrastructure against the threats of today, while working with partners across all levels of government and in the private sector to secure against the evolving risks of tomorrow.
  • The name CISA brings recognition to the work being done, improving its ability to engage with partners and stakeholders, and recruit top cybersecurity talent.

What Does CISA Do?

CISA is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats. This mission requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.

Proactive Cyber Protection:

  • CISA’s National Cybersecurity and Communications Integration Center (NCCIC) provides 24×7 cyber situational awareness, analysis, incident response and cyber defense capabilities to the Federal government; state, local, tribal and territorial governments; the private sector and international partners.
  • CISA provides cybersecurity tools, incident response services and assessment capabilities to safeguard the ‘.gov’ networks that support the essential operations of partner departments and agencies.

Infrastructure Resilience:

  • CISA coordinates security and resilience efforts using trusted partnerships across the private and public sectors, and delivers training, technical assistance, and assessments to federal stakeholders as well as to infrastructure owners and operators nationwide.
  • CISA provides consolidated all-hazards risk analysis for U.S. critical infrastructure through the National Risk Management Center.

Emergency Communications:

  • CISA enhances public safety interoperable communications at all levels of government, providing training, coordination, tools and guidance to help partners across the country develop their emergency communications capabilities.
  • Working with stakeholders across the country, CISA conducts extensive, nationwide outreach to support and promote the ability of emergency response providers and relevant government officials to continue to communicate in the event of natural disasters, acts of terrorism, and other man-made disasters.

Organizational Changes Related to the CISA Act

The CISA Act establishes three divisions in the new agency: Cybersecurity, Infrastructure Security and Emergency Communications.

  • The Act transfers the Office of Biometrics Identity Management (OBIM) to DHS’s Management Directorate. Placement within the DHS Headquarters supports expanded collaboration and ensures OBIM’s capabilities are available across the DHS enterprise and the interagency.
  • The bill provides the Secretary of Homeland Security the flexibility to determine an alignment of the Federal Protective Service (FPS) that best supports its critical role of protecting federal employees and securing federal facilities across the nation and territories.