The target: The reservation database for Marriott hotel chain’s recently acquired Starwood subsidiary was compromised from 2014 until September of 2018.
The take: 170 million customers had only names, addresses & e-mail addresses stolen, while 327 million more lost some combination of name, home address, e-mail, date of birth, gender, and passport numbers. Marriott have confirmed that over 5 million unencrypted passport numbers were accessed by attackers.
The attack vector: It is suspected that the merging of information systems after the Starwood acquisition created the vulnerabilities that were exploited by suspected state actors. Marriott hotels are often the preferred hotel of US government and military officials.
Reuters: A cyber attack caused major printing and delivery disruptions at the Los Angeles Times and other major U.S. newspapers, including ones owned by Tribune Publishing Co (TPCO.O) such as the Chicago Tribune and Baltimore Sun.
The Globe and Mail: Cybersecurity is top of mind for Canadian financial planners as firms adapt to evolving threats from hackers, phishers and ransomers.
While the financial services industry has long been a target, cyberattacks are growing more sophisticated and frequent. Last year, Statistics Canada reported more than one-fifth of Canadian businesses experienced a cybersecurity incident that impacted their operations.
The Irish Times: The Central Bank plans to pile pressure on financial institutions to get to grips with mounting cybersecurity, Brexit and other risks related to their outsourcing arrangements, as it found in a survey that many boards have little understanding how others manage these crucial functions.
Financial Post: eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, unveiled Cybersecurity FutureWatch 2018, a new research report that explores security evolution and maturity amid emerging technology adoption and evolving business needs. The report, which is based on a survey of more than 1,250 senior executives, management and security practitioners in the U.S., U.K. and Canada, found that only 30 percent of respondents are confident their business will avoid a major security event in the coming two years and 60 percent believe an attack will hit in the next few years.
The Telegraph: The Japanese minister for cyber security was accused of making a mockery of his new role after he admitted he has never used a computer.
Yoshitaka Sakurada, 68, faced a wall of laughter from fellow legislators when he made the admission in a car-crash response to questioning in parliament.