Author Topic: Marriott (Starwood database) hacked. 500 million affected ...  (Read 1909 times)

0 Members and 1 Guest are viewing this topic.

Offline six-point socket II

  • Posts: 833
  • aka @the_black_tie_diyer
... For 327 million that includes Passport number(s), mailing address(es), Credit Card details, E-Mail address(es) ...

I thought I post it here as I recall reading that some people have stayed at Marriott/Starwood ...

https://www.bloomberg.com/news/articles/2018-11-30/marriott-found-unauthorized-starwood-database-access-since-2014-jp3xbq64

Kind regards,
Oliver
Kind regards,
Oliver

Offline GoingMyWay

  • Posts: 727
Re: Marriott (Starwood database) hacked. 500 million affected ...
« Reply #1 on: November 30, 2018, 10:00 AM »
Oh dear.  That's not good - up to 500 million guests!
Inquiring Minds Want to Know

TS55, CT26, RO150, CXS, ETS 150/3, ETS EC 150/5, MFT/3, TS75, DF500, DTS400, OF1400, CT SYS

Offline JimH2

  • Posts: 720
Re: Marriott (Starwood database) hacked. 500 million affected ...
« Reply #2 on: November 30, 2018, 10:15 AM »
It's a recurring story. There is no way to stop this as the people doing it have unlimited time and/or money or are working "under the gun" so to speak. The reward is very high and the risk is of getting caught is near zero especially if they are outside of the developed world or in China. Organized crime is in on this new racket.

Offline DeformedTree

  • Posts: 342
Re: Marriott (Starwood database) hacked. 500 million affected ...
« Reply #3 on: December 01, 2018, 08:30 AM »
It's a recurring story. There is no way to stop this as the people doing it have unlimited time and/or money or are working "under the gun" so to speak. The reward is very high and the risk is of getting caught is near zero especially if they are outside of the developed world or in China. Organized crime is in on this new racket.

No, it's actually very easy to stop.  Outlaw stores/businesses/doctor offices from collecting and storing data on people.  They do not need it for anything. They collect it often for no reason, or because it's just something they can do, or they want to use it to sell information on you, or target marketing etc.  The world functioned just fine before they had this information or a way to store it. You don't even need to go back very far, just 20-25 years ago none of this was happening, as business just didn't have electronic means to store it, nor did they care too.   We have no gone so far where almost everyone thinks nothing of giving businesses various information and thinks they have to.  When a business ask for information, tell them no.  I do this all the time, they often grumble or act like they don't understand or there will be an issue, but there isn't.  Often it ends up being "uh you are going to have to keep your receipt".

What is hard to stop is business/entities building up this information with no consent/input from you.  Such as the credit score companies. Or companies  face scanning you soon as you enter the store with no information up before entering they do this.

Also stop signing up for rewards/membership programs.  Those are just data mining operations.

Look how many people here even keep asking about checking tool registration.  They forget/don't realize that requiring registration or similar for warranties is illegal.  You never have to register for a warranty.  Even if you truly trust a company not to do anything with the data, it's still been produced and sitting on a computer thus someone will hack into it.  If it's electronic data, it is fundamentally unsecured.

The EU is way ahead on this, as the US basically has nothing stopping this.  The newest form of the EU laws went as far as they could by putting requirements in place on companies outside the EU working in the EU.

These issues are in fact easy to stop, people just need to stop for a moment and understand how basic the root cause is.  It's not about adding more security/passwords/etc.  It's about not creating the information in the first place.  No data in computers, no data to steal.

Offline ElectricFeet

  • Posts: 94
Re: Marriott (Starwood database) hacked. 500 million affected ...
« Reply #4 on: December 02, 2018, 01:30 PM »
No, it's actually very easy to stop...

Couldn't agree more.

Another thing that's needed is a shift in thinking, and thus the law, to underscore that this is MY data that the companies are storing, not theirs. Once this shift occurs -- and gives me the right to sue for damages if they don't take care of MY data -- then things could change dramatically.

GDPR in Europe is a step in the right direction, but much more is needed. Targeted advertising should be made illegal: that would take away the business case for keeping most of this data. (And as a by-product, this would stop people living in "bubbles" that leads to polarisation.)