FlyerTalk Forums - View Single Post - Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
Thread: Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
View Single Post
Old Nov 30, 2018, 10:12 am
  #118  
frenchft
 
Join Date: Nov 2014
Location: lounge next door
Programs: *A Gold / ST Elite+ / OWS / EK G / HH Diam. / MR Tit / Hyatt GLOB / IHG Diam. / SL Jade / GHA Tit.
Posts: 1,523
Originally Posted by nsummy
I think marriott is trying to spread the blame around for this. Their statements are contradicting:





Common sense would dictate if there was proof that info was copied using unauthorized access to the Starwood database, that the contents would be from the Starwood database. You don't need to decrypt it to figure that part out. I think more than likely this breach didn't occur until Marriott purchased Starwoow, and what they really mean is that the data spans 4 years. I am an IT system administrator and I find it highly unlikely that this breach has been ongoing for 4 years straight! Not just unlikely, virtually impossible. These things are generally found out pretty quickly, though almost always after the damage is done. This would be quite the coincidence that with their major integration problems that this is a separate, unrelated incident
The way they managed it is as far as I know not very good for their relationship with UE...

"In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. 2Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay."
frenchft is offline  
Reply