Kayla Matthews

By: Kayla Matthews on December 17th, 2018

Print/Save as PDF

Behind the December Marriott and Quora Hacks: What You Need to Know

Security

Subscribe to vXchnge Blog

The year 2018 has not reached a smooth conclusion for Marriott and Quora. These companies are two of the latest to report massive data breaches.

The details will help people decide what to do next if they're potentially affected.

Starwood Hotels Had a Longstanding Vulnerability

When people research Marriott's recent data issue, they'll likely see the name Starwood come up too. Starwood Hotels is a subsidiary of Marriott.

In early September, Marriott employees received an alert from an internal security tool that there was an attempt to gain unauthorized access to the Starwood reservation database. It included data from numerous hotel properties, though not those bearing the Marriott name. Marriott uses a different reservation database on another network.

Those investigating the incident initially discovered that an unauthorized party had copied and encrypted information and started to remove it. Once those individuals decrypted the content, they realized it related to hotel reservations. One unsettling thing is that Marriott says the amount and type of information varied by person.

The hotel chain revealed that the information could include details like departure and arrival dates, passport numbers and credit card numbers. Although the last of those was encrypted, the brand isn't sure whether the breach allowed the infiltrating party to obtain both pieces of information needed to decrypt the credit card numbers.

Worse still, Marriott believes this issue could affect approximately 500 million guests. It seems that Marriott's internal security infrastructure needs substantial improvement. Those looking into this matter determined that there had been unauthorized access to the Starwood network dating back to 2014.

What Has the Company Done?

Marriott asserts that it acted quickly since learning of the breach. It clarified that the issue could apply to anyone who stayed in a Starwood Hotels property on or before September 10, 2018. If people are worried that their data was taken and want to learn about the recommended steps, they can contact the dedicated call center Marriott set up to deal with the problem. There are specific numbers to use based on people's countries of residence.

When individuals' email addresses were in the affected Starwood database, Marriott started sending email notifications to those parties at the end of November. The brand is also working with law enforcement and regulatory authorities.

Moreover, people from the United States, the United Kingdom and Canada are eligible to sign up for a year's worth of complimentary WebWatcher service. It monitors internet sites that share personal information and gives enrolled people notifications if WebWatcher finds their details online. Residents of the U.S. will also get free fraud consultation services and reimbursement coverage.

Potentially the Work of Nation-State Hackers

Most hacking attempts start when cybercriminals examine networks of interest to find flaws. They then exploit those problem areas to get the desired information. Data breaches are not a recent problem either. In 2014, an incident compromised 145 million eBay records, for example.

Marriott has not given details about the perpetrators. However, cybersecurity experts believe the recent breach could be the work of people who aim to build comprehensive databases to do things like tracking the movements of diplomats or getting other details foreign nations may want. Some analysts reached that conclusion after pointing out that the stolen data has not yet appeared on the dark web, which suggests that those responsible did not want to sell what they took.

Quora in the Spotlight Too

Quora, a top site for questions answered courtesy of crowdsourcing, was also a successful target for hackers. According to a company blog post, that incident may have compromised the data of approximately 100 million users. The information potentially obtained includes account information as well as the content associated with public and non-public actions taken on the site.

If a person has a Quora account, they can assume there's a good chance their information was taken. The number affected by this hack represents a third of the site's monthly active users as of September 2018.

Quora says the majority of the breached information was already viewable on the site but admits that the compromised account details are a serious matter. They also mentioned that if users posted content anonymously, those individuals were not affected by this hack. However, people who used other sites linked to Quora when making their accounts may find themselves victimized.

Actions Taken by the Company

Quora became aware of the problem on November 30 and is sending notifications to users who had data stolen. The organization is also logging people out of their accounts if there's a chance they may have been affected.

There are updates about the incident on a page within the Quora Help Center too. The company recommends people reset their passwords and do not use the same passwords for multiple sites. The Quora users who get emails to say they were affected will also get more detailed suggestions for steps to take.

The content from Quora also gives details about how people can delete their Quora accounts or request archived copies of all the information the company has on them. Worried users can take those actions if they choose. However, due to the type of material it regularly collects, the organization does not believe users are at risk of identity theft.

According to a Quora update published on December 13, the company knows that a "malicious third party" was involved but has not learned more precise identity-based details. Law enforcement officials are working on the case and attempting to confirm that all-important information.

Breaches Happening With Astonishing Regularity and Severity

Since data breaches happen so often and affect such a substantial number of customers, it's understandable if people who use the internet or provide their data in other ways believe they're not safe from vulnerabilities no matter what.

These recent attacks, as well as all the others this year, illuminate why it's crucial for companies to take cybersecurity seriously and keep intruders out of their networks with proactive and decisive measures.

 
Speak to an Expert

About Kayla Matthews

Kayla Matthews writes about data centers and big data for several industry publications, including The Data Center Journal, Data Center Frontier and insideBIGDATA. To read more posts from Kayla, you can follower her personal tech blog at ProductivityBytes.com.

  • Connect with Kayla Matthews on: