Hacks, breaches, cybersecurity incidents – oh my!

Massive Marriott data breach

Marriott International Inc. has reported that the reservation database at its Starwood properties was breached, potentially affecting 500 million guests and making it one of the largest breaches in corporate history. The former Starwood brands now under the Marriott umbrella include W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, the Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton, and Design Hotels. Starwood branded timeshare properties are also included. Read Mariott’s official statement here.

What you need to know

According to Marriott, hackers gained access to the reservation system as early as 2014. An investigation launched this month, found that an unauthorized party had copied and encrypted customer information, and took steps toward removing it.

Exposed information includes guest names, phone numbers, email addresses, passport numbers, birth dates, and arrival and departure information. Although Marriott said credit card numbers were encrypted using Advanced Encryption Standard encryption (AES-128), it has not been able to rule out the possibility that enough details were taken to decrypt this information.

  1. The company is offering one year of free enrollment in Web Watcher to people who live in the United States, Canada, and Britain. WebWatcher monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found.  To activate WebWatcher, go to info.starwoodhotels.com and click on your country.
  2. Update any passwords associated with a Starwood Property account, as well as unrelated sites that utilize the same password. To increase your security, generate a strong and unique password using RoboForm’s built-in password generator.

Dell.com password reset

In other news, Dell announced its online marketplace experienced a “cybersecurity incident,”  leading the company to reset all Dell.com customer’s passwords. According to a forensic investigation, hackers were attempting to extract customer names, email addresses, and hashed passwords. While investigators found no evidence that the hackers succeeded, the company has not ruled out the possibility that some data may have been stolen. The official statement can be read here.

Dell declined to say how many accounts were affected, but did say that payment information and Social Security numbers were not targeted.

Next steps

Resetting passwords is always a good security measure, even in cases where the hackers may not have been successful. When resetting your dell.com password, use RoboForm’s built-in password generator to generate a unique and strong password. You can also utilize RoboForm’s Security Center to ensure the same password was not used across multiple sites.

What about RoboForm security?

Concerned about your online security and wondering how RoboForm can help? Visit our Key Features page to learn more about the benefits of RoboForm. And, if you’re not yet a RoboForm user, take the leap and try RoboForm Password Manager for FREE.



Posted by Simon Davis

Simon Davis is the VP of Marketing for RoboForm.