Jump to content

Marriott now lets you check if you’re a victim of the Starwood hack


NelsonG

Recommended Posts

Hotel chain giant Marriott will now let you check if you’re a victim of the Starwood hack.

The company confirmed to TechCrunch that it has put in place “a mechanism to enable guests to look up individual passport numbers to see if they were included in the set of unencrypted passport numbers.” That follows a statement last month from the company confirming that five million unencrypted passport numbers were stolen in the data breach last year.

The checker, hosted by security firm OneTrust, will ask for some personal information, like your name, email address, as well as the last six-digits of your passport number.

Marriott says data on “fewer than 383 million unique guests” was stolen in the data breach, revealed in September, including guest names, postal addresses, phone numbers, dates of birth, genders, email addresses and reservation information. Later it transpired that more than 20 million encrypted passport numbers were also stolen, along with 8.6 million unique payment card numbers. Marriott said only 354,000 cards were active and unexpired at the time of the breach in September.

Opening up the checker to the wider public is a bright spot in what’s been a fairly atrocious incident recovery by Marriott since the breach. The company’s initial response was plagued with hiccups and missteps that many security experts stepped in to fill in the gaps at their own expense.

The checker won’t kick back a result straight away — you’ll have to wait for a response — and Marriott doesn’t say how long that’ll take. There is a certain irony in having to turn over your own data — not least to a third-party — to be told if you’re a victim of a breach. It’s literally the last thing any breach victim wants to do: hand over even their more of their personal information. But that’s the world we’re living in, and everything is terrible.

Use the checker at your own risk.

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=mGl9Il1H4EE:6JtyLVTd6YU:-BT Techcrunch?i=mGl9Il1H4EE:6JtyLVTd6YU:D7D Techcrunch?d=qj6IDK7rITs
mGl9Il1H4EE

View the full article

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Our picks

    • Wait, Burning Man is going online-only? What does that even look like?
      You could have been forgiven for missing the announcement that actual physical Burning Man has been canceled for this year, if not next. Firstly, the nonprofit Burning Man organization, known affectionately to insiders as the Borg, posted it after 5 p.m. PT Friday. That, even in the COVID-19 era, is the traditional time to push out news when you don't want much media attention. 
      But secondly, you may have missed its cancellation because the Borg is being careful not to use the C-word. The announcement was neutrally titled "The Burning Man Multiverse in 2020." Even as it offers refunds to early ticket buyers, considers layoffs and other belt-tightening measures, and can't even commit to a physical event in 2021, the Borg is making lemonade by focusing on an online-only version of Black Rock City this coming August.    Read more...
      More about Burning Man, Tech, Web Culture, and Live EventsView the full article
      • 0 replies
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
×
×
  • Create New...