主页 > 技术经验 > 正文

万豪数据库被黑 华住之后万豪酒店顾客数据遭黑客泄露

2018-11-30 23:13来源:99科技综合编辑:顾小北

扫一扫

分享文章到微信

扫一扫

关注99科技网微信公众号

    原标题:万豪数据库被黑 华住之后万豪酒店顾客数据遭黑客泄露

    11月30日晚间消息,万豪国际酒店集团(Marriott International)刚刚宣布,旗下喜达屋酒店(Starwood Hotel)的一个顾客预订数据库被黑客入侵,可能有约5亿顾客的信息泄露。

  该消息公布后,万豪国际酒店股价在今日盘前交易中一度下跌逾5%。

  万豪国际酒店称,调查结果显示,有一未授权方复制并加密了这些数据。而且,自2014年就开始了对喜达屋酒店网络进行未授权访问。


  目前,万豪国际酒店已采取了补救措施,但并未公布进一步的信息。

  万豪国际酒店称,这些可能被泄露的信息包括顾客的姓名、通信地址、电话号码、电子邮箱、护照号码、喜达屋VIP客户信息、出生日期、性别和其他一些个人信息。

  对于部分客户,可能被泄露的信息还包括支付卡号码和有效日期,但这些数据是加密的。

  万豪国际酒店表示,已将该事件报告给执法部门和监管部门,积极配合其调查。

  www.51hacking.com渗透测试培训

  以下是全文信息:

  Hackers have had access to the Starwood guest reservation database since 2014.

  Marriott said forensic experts managed to decrypt the data attackers stole from the Starwood guest reservation database earlier this month, on November 19.

  They said the attackers exfiltrated information on up to approximately 500 million guests who made a reservation at a Starwood property.

  The Starwood hotel chain, which Marriott acquired in 2016, includes other hotel brands, such as W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.

  Investigators said that for 327 million of the Starwood guests, the information that attackers stole included a name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

  For some of these guests, payment card data was also stolen, but Marriott did not say for how many.

  "For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128)," the hotel said today in an SEC filing.

  "There are two components needed to decrypt the payment card numbers, and at this point, Marriott has not been able to rule out the possibility that both were taken," the hotel chain added.

  For the rest, up to 500 million, the data only included a name, and sometimes other info such as mailing address, email address, or other information.

  Marriott started today notifying all affected guests via email. Hotel guests will also be able to visit a website that will be available later today at info.starwoodhotels.com for information about the incident. Where eligible, some users will also be able to enroll in a free identity monitoring service.

  "We deeply regret this incident happened," said Arne Sorenson, Marriott's President and Chief Executive Officer. "We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward."

  "Today, Marriott is reaffirming our commitment to our guests around the world. We are working hard to ensure our guests have answers to questions about their personal information, with a dedicated website and call center. We will also continue to support the efforts of law enforcement and to work with leading security experts to improve. Finally, we are devoting the resources necessary to phase out Starwood systems and accelerate the ongoing security enhancements to our network," Sorenson added.

  This is the third breach affecting Marriott's Starwood chain after the infections with Point-of-Sale (PoS) malware disclosed in 2015 and again in 2016.

     投稿邮箱:jiujiukejiwang@163.com   详情访问99科技网:http://www.fun99.cn

相关推荐
excel分析数据库怎么添加 excel分析数据库如何添加 excel分析数据库怎么添加 excel分析数据库如何添加

原标题:excel分析数据库怎么添加 excel分析数据库如何添加 1、在电脑上打开我

技术经验2022-04-14

支付宝被别人实名制了怎么办?不是本人的手机 支付宝被别人实名制了怎么办?不是本人的手机

原标题:支付宝被别人实名制了怎么办?不是本人的手机号可以注册支付宝吗?

技术经验2022-03-07

微信支付被限制多长时间可以恢复使用?微信支 微信支付被限制多长时间可以恢复使用?微信支

原标题:微信支付被限制多长时间可以恢复使用?微信支付被限制恢复使用时间

技术经验2022-02-07

知乎不被邀请回答怎么开启?知乎不被邀请回答的 知乎不被邀请回答怎么开启?知乎不被邀请回答的

原标题:知乎不被邀请回答怎么开启?知乎不被邀请回答的开启方法 很多多人不

技术经验2022-01-18

折叠屏手机被指伪需求 手机大厂趋之若鹜为哪般 折叠屏手机被指伪需求 手机大厂趋之若鹜为哪般

原标题:折叠屏手机被指伪需求 手机大厂趋之若鹜为哪般? 任 事物的出现

技术经验2022-01-05

为什么中国移动138、139号段被称为老板号,究竟 为什么中国移动138、139号段被称为老板号,究竟

原标题:为什么中国移动138、139号段被称为老板号,究竟怎么回事? 139、138是

技术经验2021-12-10

微软 Win 11 软件捆绑遭欧盟起诉:再次被指控存在 微软 Win 11 软件捆绑遭欧盟起诉:再次被指控存在

原标题:微软 Win 11 软件捆绑遭欧盟起诉:再次被指控存在垄断行为 近日,欧盟

技术经验2021-11-27

安全软件公司 McAfee 以 140 亿美元被收购 创始人已 安全软件公司 McAfee 以 140 亿美元被收购 创始人已

原标题:安全软件公司 McAfee 以 140 亿美元被收购 创始人已于 6 月身亡 安全软件

技术经验2021-11-09

剁手族请注意!被“双十一”促销垃圾短信轰炸 剁手族请注意!被“双十一”促销垃圾短信轰炸

原标题:剁手族请注意!被双十一促销垃圾短信轰炸 可拨这个电话举报 11月1

技术经验2021-11-07

Facebook被指已经意识到存在于其用户中的“问题使 Facebook被指已经意识到存在于其用户中的“问题使

原标题:Facebook被指已经意识到存在于其用户中的问题使用 据了解,《华尔街日

技术经验2021-11-07