Software and data security solutions company Kaspersky Lab has advised those hit by data breach at Marriott Hotels that they should change passwords and use electronic cards, not physical ones, for online payments.
The advice comes in the wake of Mariott Hotels chain suffering from one of the most critical data breaches in the history.
David Emm, Principal Security Researcher, Kaspersky Lab. said in an official statement, “Consumers who are concerned about their data will receive a notification if they’ve been affected, but we urge those who are concerned to proactively check with Marriott Group. We also warn consumers to remain vigilant, as these types of breaches present scammers with an opportunity to use the opportunity to try and scam people by pretending to be from the Ex-Starwood hotels chain or Marriott Group.
“This is one of the largest data breaches we’ve ever seen. The Marriott Group is a respected international hotel chain but questions need to be asked as to how 500 million guests have been affected by this cyber-attack,” the statement said, adding, “While we’re still only beginning to assess the true extent of the attack, ultimately the security solutions the Starwood Hotels and Marriott Group had in place clearly weren’t sufficient enough if it allowed an unauthorized third-party to get into the system. The data was encrypted, but the attackers potentially stole the keys too – highlighting that an extra layer of security should have been in place to prevent this from happening.”
“This data breach is now one of the most critical data-breaches in history. Not only is the amount of the information stolen terrifying, but the personal details that were exposed are essentially a database of very personal resumes of millions of people, in some cases accompanied by their credit card details. This opens the possibility of multiple threats, from spear-phishing attacks to cyber espionage. An incident of such scale will definitely be a push for some major changes in privacy policies and personal attitudes towards the data we share,” the statement said.
