Marriott Hotel Customer Data Breach
Marriott Starwood was hacked. Here’s how it affects you and what to do…
With news of the Marriott Hotel data breach impacting 500 million customers, we wanted to remind everyone of some best practices for mitigating the downside effects.
Marriott International, the largest hotel chain in the world, announced that an attacker has been able to access their Starwood guest reservation database since 2014. The attackers were able to get customer e-mail addresses, names, birthdays, credit card info, and passport numbers. Yikes!
5 tips to protect yourself and your compromised data
Unfortunately, corporate data breaches are nothing new. You can still protect yourself even if your password, social security number, and other info is no longer private.Want to learn how corporate data breaches work? Learn more here.
- If you have stayed at any Starwood Hotels between now and 2014, check your credit card statements for erroneous charges. If you used a debit card at a Starwood Hotel, request a new one from your bank (since this links direct to your bank account, unlike a credit card).
- Always use a strong password and never reuse your password. If you reuse the same password on multiple sites, malicious hackers can use a compromised password to gain access to other sites like your bank account. The last thing you want to do is make it easier for an attacker to get into your other accounts. LastPass and Dashlane are two great password managers that are very secure and easy to use. They can help keep your unique passwords organized across websites.
- Don’t rely on just a password. Use multi-factor authentication (MFA). Even if a cybercriminal has your password, if you have MFA authentication enabled on your accounts, they can’t get in without that second security code. Enable this additional security setting on your email, banking and financial accounts, iCloud/Apple account, online file sharing portals, and anywhere else where you can. TwoFactorAuth is a great resource that has information and instructions on setting up MFA on various accounts.
- Never use your personal information as the answer to security questions or account reset questions. Since bad actors now know your social security number, address and DOB, this information should never be used as an answer to security or account rest questions. Instead, use something random or, better yet, use a random sequence of numbers/letters/symbols as the answer.
- Beware of phishing related to the attack. With all these big data breaches, cybercriminals have a lot of useful information that can be used to compile full profiles on any specific individual. This personal dossier can be used to target you specifically – for example, if a hacker knows you’ve stayed at Marriott, knows who you bank with, and what your family names are, they can send you a convincing spear-phishing email with a link or attachment. That link or attachment may contain malware or lead to a phishing site designed to infect your device or steal your passwords to other accounts.
How can Rubica help?
Cybercriminals will sometimes sit on this stolen information and use it later, so attempts to access your accounts or impersonate you may not be immediate. Keep Rubica running on all your devices for an additional layer of security.
If you’re a Rubica customer, Rubica can prevent known malware from being downloaded, block you from going to malicious sites unknowingly, and stop those sites or programs from accessing information on your devices or information you type while on those devices (i.e. passwords).
Rubica Private Client customers have our concierge support team on call for any help you may need, now or later.
As an additional security measure during your next hotel stay, connect to hotel Wi-Fi via Rubica’s virtual private network (VPN) to protect insecure connections. Doing this makes it harder for hackers to steal your login credentials or redirect your computer to a phony banking site.
Not yet a Rubica customer? What are you waiting for? Find the right plan for you today.