CSTI
    breachThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Cybersecurity Briefing: Massive Data Breaches Rock Major Corporations

    Tuesday, September 18, 2018

    Today, cybersecurity professionals are alerted to several major data breaches impacting notable companies. The most significant incident involves Marriott International, which disclosed that hackers accessed its guest reservation database, potentially compromising data for 500 million guests. This breach, traced back to 2014, originated from the Starwood property system acquired by Marriott in 2016. Marriott only discovered the unauthorized access on September 8, 2018, leading to a public announcement set for November. The compromised data includes sensitive information such as names, passport numbers, and credit card details, raising alarms over the vulnerabilities in hotel and travel industry systems.

    In addition to Marriott, British Airways has reported a breach affecting approximately 429,612 customers. Hackers injected malicious scripts on the airline's website to harvest payment card details and personal data between June 22 and September 5, 2018. This breach is linked to the web-skimming group Magecart, and it has significant implications as it falls under scrutiny due to the GDPR regulations. The potential fines could reach into millions, reflecting the increasing accountability placed on organizations to protect customer data.

    Meanwhile, Facebook is grappling with a security incident where attackers exploited vulnerabilities to compromise the accounts of 50 million users. The company has taken immediate action, resetting security tokens for affected users to curb further unauthorized access. This breach emphasizes the ongoing challenges social media platforms face in safeguarding user information amidst evolving cyber threats.

    These incidents collectively highlight the persistent vulnerabilities within corporate systems and the sophistication of cyber attacks. With regulations like GDPR coming into effect, companies are under pressure not only to secure data but also to ensure compliance, which includes notifying affected users and authorities of breaches promptly. As we move forward, these events serve as a stark reminder of the critical need for robust cybersecurity measures and the importance of continuous monitoring and risk assessment in protecting sensitive data against ever-evolving threats.

    Sources

    data breach Marriott British Airways Facebook GDPR