Marriott faces legal firestorm in the wake of disastrous data breach

3 Dec 2018

A sign outside a Marriott hotel in Singapore. Image: Stas_K/Depositphotos

Global hotel chain Marriott is in hot water as the fallout from its massive data breach continues.

Last week, coffee giant Starbucks officially enforced a block on accessing pornographic content over Wi-Fi connections in its stores across the world. The company had originally promised to block pornography in its stores in 2016.

Meanwhile, you may think that the green padlock on a website’s address bar denotes security and safety, but findings compiled by PhishLabs show that scammers are gaming the SSL (secure socket layer) system to con users into feeling safe using dodgy websites.

Read on to discover the need-to-know enterprise stories from the last week.

Marriott stung with lawsuits after massive data leak

On Friday (30 November), Marriott International confessed its reservation database for its Starwood properties had been hacked, potentially affecting the personal data of up to 500m customers. According to ZDNet, two Oregon men sued the chain within hours of the update, while another class-action case gathered pace shortly afterwards in Maryland.

Starwood brands include W Hotels, St Regis, Sheraton Hotels and Resorts, Westin Hotels and Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels and Resorts, Four Points by Sheraton, and Design Hotels.

Rusty Carter, vice-president of product management at Arxan Technologies, said: “With the data of approximately half-a-billion customers breached, this is the largest exposure of traveller data ever. It’s indicative that the attackers either moved quicker to exfiltrate data from the target systems or they had more time before they were detected. What’s more, the attackers had access since 2014.”

Dell and US coffee chain Dunkin’ Donuts both reported breaches last week, but the sheer scale of Marriott’s has relegated these incidents to the sidelines.

US court bins Kaspersky Lab’s ban appeal

The US banned the federal use of Kaspersky Lab cybersecurity products in September 2017, and last week a court upheld the ban.

According to the US administration, Russian intelligence is said to have used Kaspersky products in espionage activities, leading to the outright clampdown on its software at a federal level.

CEO Eugene Kaspersky said: “The DC circuit court’s decision is disappointing, but the events of the past year that culminated in this decision were almost expected, and not just by our company, but by the cybersecurity industry in general.”

EU ban on e-commerce geoblocking comes into effect

In November 2017, the EU governing bodies agreed to end geoblocking within member states. In essence, this means that products or services sold online would need to be available to consumers in every EU country, regardless of which member state the customer is living in.

As of today (3 December), buyers will not have to worry about being blocked or rerouted just because of where they themselves or their payment card hail from.

Commissioner of the European digital single market, Andrus Ansip, said: “We want a Europe without barriers, and this also means removing barriers to online shopping.”

Prison inmates caught in military sextortion scam

Inmates in South Carolina have run into trouble following the discovery of a sextortion scam involving hundred of US military members. According to Slate, the inmates used mobile phones to target service members on dating platforms.

With help from outside accomplices, the inmates posed as women with a view to blackmailing victims for financial gain. After a few days of explicit conversations and images, the inmates would sometimes act as the woman’s ‘father’ and claim she was underage, asking for a cash payout to keep quiet.

The scam affected 442 army, navy, air force and Marine Corps members.

A sign outside a Marriott hotel in Singapore. Image: Stas_K/Depositphotos

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects