Protect your Website from Cyber Attack
unsplash_image @ Unsplash

The Marriott Hack – This is What will Happen Next.

Hackers gained access to the personal information of approximately 500,000,000 people who had booked reservations at a Starwood hotel.

Hotels such as Sheraton, Aloft, W Hotels, and Westin Hotels are among those on the list. Although Marriott acquired the Starwood Group in 2016, the process of reaching a compromise began in 2014, long before the acquisition was completed.

Hackers had full access for four years

In other words, there was ample time for the hackers to learn, gather information, and exploit that information. The hackers had complete access to the system and used it as a playground for four years, during which time they stole millions of dollars.

So, what will happen next?

A data loss prevention (DLP) system had been put in place to ensure that sensitive data did not leave the organization’s network. However, there is a simple method of getting around DLP systems. DLP systems must be able to read communications in order to determine whether or not they are sensitive and to take appropriate action to stop them. It is necessary for hackers to encrypt the data so that it cannot be read by the DLP system. Then they export away, taking the encrypted data with them wherever they go.

Of course, exporting large quantities of encrypted data will raise suspicions in and of itself. However, the hackers had plenty of time on their side. Over the course of four years, the data could have easily been encrypted and released in smaller batches.

So, what is going to happen next?
The investigation will continue in its current form. It’s likely that we won’t know the full extent of the breach for several more weeks. The breach will continue to make headlines for several weeks as more information is discovered and made public by the media.

People will be fired as a result of this.
Marriott will have to make a point of escorting one or more of their technology employees out the door as a show of force. The breach should have been discovered prior to Marriott’s acquisition of the company. Someone did not complete their homework, and as a result, that person or people will be fired in order to appease the shareholders’ concerns.

Marriott Hacking Resulting in Firing
Marriott has agreed to pay a fine.
Marriott will be subject to fines, similar to those imposed on Yahoo in this case. With GDPR, the fine could be as much as 4% of the company’s annual revenue. Because of the looming threat of a fine, the stock price will be depressed for a short period of time. However, the stock price will not be affected by this one-time event in the long run.

There will be a class-action lawsuit brought against the company.
Many law firms will be lining up to take advantage of Marriott’s financial woes. There will be years of litigation, and in the end, the lawyers will make a boatload of money, while the people who have been wronged will receive a coupon for a discounted hotel stay in exchange for their troubles.

Marriott will not cover the cost of replacing passports.
In a statement, Marriott leadership stated that they would do everything in their power to assist their customers. However, this does not include the replacement of passports for their customers.

Marriott quickly agreed to pay for the replacement of passports for those affected by the data breach after being pressed by lawmakers. This, on the other hand, will never happen. At the time of writing, the cost of replacing a passport is $110. The number of compromised passport numbers is in the hundreds of millions, according to the FBI.
Marriott will be unable to replace all of the passports that were compromised as a result of this situation. The hotel chain would be forced into bankruptcy if it had to foot the bill.

It will be impossible to determine the extent of the damage.
The actual damage caused by the data breach has already occurred. It is likely that people’s identities have already been stolen. Purchases have been made with credit cards that have been fraudulently used. The perpetrators have most likely already made millions of dollars by selling the information in the shadows over the past four years.

At this point, it is likely that it will be impossible to assign a monetary value to the security breach.

Marriott will continue to be used by people.
As a result of the massive data breaches that have occurred at companies such as Yahoo, Equinix, Home Depot, and hundreds of others, people have begun to become numb to the consequences of large-scale data compromises.

This is What Will Happen After the Marriott Hacking Scandal.
Due to the fact that credit card companies already protect their customers, credit card fraud has become a minor inconvenience for most people.

Identity theft creates a bit more of a messe to clean up, but even this is no longer a life-altering event in the vast majority of instances.

There will be no decline in profitability for Marriott and the Starwood family of hotels. Hopefully, this data breach will be a thing of the past in no time. Over the long term, this breach will have little or no impact on the stock price.