CSTI
    breachThe Ransomware Era (2019-2021) Daily Briefing Landmark Event

    Cybersecurity Briefing: March 25, 2020 - Breaches and Vulnerabilities Rise

    Wednesday, March 25, 2020

    # Lead Story: Marriott International Breach

    Marriott International revealed a major data breach affecting over 5.2 million guests. The breach was initiated through compromised login credentials from two employees, granting access to a third-party application. The exposed data includes names, addresses, email addresses, phone numbers, and other personal information. This incident marks Marriott's second substantial breach, following the 2018 incident that affected 500 million records. The recurring breaches raise pressing concerns about data security and trust within the hospitality sector.

    # Secondary Items:

    SolarWinds Supply Chain Attack

    The vulnerability in SolarWinds' Orion software laid the groundwork for one of the most significant cyber-espionage incidents of the year. Attackers exploited this vulnerability, gaining access to multiple U.S. federal agencies and numerous private sector companies. The breach went undetected for several months, with its discovery occurring only in December 2020, underscoring the stealthy nature of the attack.

    Surge in Data Breaches

    In the first three quarters of 2020, there were 2,953 publicly disclosed data breaches—a staggering 51% increase compared to the same period in 2019. This rise is attributed to the shift to remote work prompted by the COVID-19 pandemic, which exposed numerous vulnerabilities across various organizations, resulting in increased attack surfaces for cybercriminals.

    # Analyst Perspective The events of March 25, 2020, signal a concerning trend in cybersecurity amid the upheaval of the COVID-19 pandemic. The notable Marriott breach and the emergent SolarWinds attack illustrate the vulnerabilities exploited during this chaotic period. Organizations must prioritize robust security measures and awareness training to protect sensitive data and maintain trust with customers. As we navigate through a rapidly evolving cyber landscape, the lessons learned from these incidents will be crucial in shaping future security strategies.

    Sources

    Marriott SolarWinds data breach cybersecurity COVID-19