500 Million Marriott Guest Records Stolen in Data Breach

marriott.PNG

The world's biggest hotel chain Marriott International disclosed that unknown hackers compromised guest reservation database its subsidiary Starwood hotels and walked away with personal details of about 500 million guests.

Starwood Hotels and Resorts Worldwide was acquired by Marriott International for $13 billion in 2016. The brand includes St. Regis, Sheraton Hotels & Resorts, W Hotels, Westin Hotels & Resorts, Aloft Hotels, Tribute Portfolio, Element Hotels, Le Méridien Hotels & Resorts, The Luxury Collection, Four Points by Sheraton and Design Hotels.

The incident is believed to be one of the largest data breaches in history, behind 2016 Yahoo hacking in which nearly 3 billion user accounts were stolen.

The breach of Starwood properties has been happening since 2014 after an "unauthorized party" managed to gain unauthorized access to the Starwood's guest reservation database, and had copied and encrypted the information.

Marriott discovered the breach on September 8 this year after it received an alert from an internal security tool "regarding an attempt to access the Starwood guest reservation database in the United States."

On November 19, the investigation into the incident revealed that there was unauthorized access to the database, containing "guest information relating to reservations at Starwood properties on or before September 10, 2018."

The stolen hotel database contains sensitive personal information of nearly 327 million guests, including their names, mailing addresses, phone numbers, email addresses, passport numbers, dates of birth, genders, arrival and departure information, reservation date, and communication preferences.

What's worrisome? For some users, stolen data also includes payment card numbers and payment card expiration dates.

But, according to Marriott, "the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128)." Attackers need two components to decrypt the payment card numbers, and "at this point, Marriott has not been able to rule out the possibility that both were taken."

"The company has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property," the company said in a statement.

Marriott confirmed that its investigation into the incident only identified unauthorized access to the separate Starwood network and not the Marriott network. It has also begun informing potentially impacted customers of the security incident.

The hotel company has begun notifying regulatory authorities and also informed law enforcement of the incident and continues to support their investigation.

Since the data breach falls under European Union's General Data Protection Regulation (GDPR) rules, Marriott could face a maximum fine of 17 million pounds or 4 percent of its annual global revenue, whichever is higher, if found breaking any of these rules.

US Postal Service Left 60 Million Users Data Exposed For Over a Year

post-office.PNG

The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website.

The U.S.P.S. is an independent agency of the American federal government responsible for providing postal service in the United States and is one of the few government agencies explicitly authorized by the United States Constitution.

The vulnerability is tied to an authentication weakness in an application programming interface (API) for the USPS "Informed Visibility" program designed to help business customers track mail in real-time.

The attacker could have pulled off email addresses, usernames, user IDs, account numbers, street addresses, phone numbers, authorized users and mailing campaign data from as many as 60 million USPS customer accounts.

USPS Ignored Responsible Disclosure For Over a Year

The unnamed researcher reportedly discovered and responsibly reported this vulnerability last year to the Postal Service, who ignored it and left its users’ data exposed until last week when a journalist contacted USPS on behalf of the researcher. After that, the Portal Service addressed the issue within just 48 hours

USPS Responds by Saying:

"We currently have no information that this vulnerability was leveraged to exploit customer records. Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law."

Instagram Accidentally Exposed Some Users' Passwords

Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users' passwords in plain text.

The company recently started notifying affected users of a security bug that resides in a newly offered feature called "Download Your Data" that allows users to download a copy of their data shared on the social media platform, including photos, comments, posts, and other information that they have shared on the platform.

To prevent unauthorized users from getting their hands on your personal data, the feature asks you to reconfirm your password before downloading the data.

However, according to Instagram, the plaintext passwords for some users who had used the Download Your Data feature were included in the URL and also stored on Facebook's servers due to a security bug that was discovered by the Instagram internal team.

The company said the stored data has been deleted from the servers owned by Facebook, Instagram's parent company and the tool has now been updated to resolve the issue, which "affected a very small number of people."

Affected users are highly recommended to change their passwords and clear their browser history as soon as possible.

If you have not received any notification from the photo-sharing service yet, it means your Instagram account and password are apparently not affected by the bug. If you are still concerned about the privacy and security of your account, you can also consider changing your password.

Users are also advised to enable two-factor authentication (2FA) and always secure their accounts with a strong and unique password.

How to Safely Shop Black Friday Deals Online

shopping.PNG

Black Friday is no longer a one-day shopping bonanza on the day after Thanksgiving, it now is a newly formed shopping season that starts right after Halloween and can continue for weeks after Thanksgiving, paving the way for the Christmas shopping season.

Every year retailers are determined to get the most out of the shopping mood that engulfs deal-seekers around Thanksgiving, however, cyber criminals also start being active during shopping seasons. Here are some tips so you can safely enjoy Black Friday and Cyber Monday shopping.

HTTPS

One of the most common mistakes that online shoppers do is to perform transactions on websites that do not support the secure version of HTTP. If the site you are entering lacks a little padlock next to the URL, it may be time to move on to the next website that offers the same product but has a secure connection. Information transmitted over HTTP can be easily recorded. Sometimes even the website owners do not know that the data of their clients is being stolen by a third party. Always make sure that the URL of the store you are visiting starts with HTTPS.

Antivirus software

Having antivirus software installed on the devices you use to make online purchases is as essential as having insurance on your car. Quality antivirus software will prevent you from even entering shady websites; it will keep you safe while you browse by stopping malicious processes overtake your device, it will filter your emails and will always notify you if something does not look quite right. Antivirus software companies spend millions of dollars on research and development and have dedicated teams who make sure you are not an easy target.

Password hygiene

Registering on random websites here and there might be tempting while you look for the next Cyber Monday deal but some of the sites that you visit may not be as secure and may try to steal your login details and use them elsewhere. One of the best ways to prevent this from happening is not to use the same password on different websites. Instead, write down your password on a physical paper and store it safely, or use a password manager. Nearly half of the people living in the western world admit that they reuse their password on multiple websites. This means that if one of these websites gets hacked, hackers will be able to gain access to your other legitimate accounts.

Update your OS and also your software

Updates not only make your products better but also patch vulnerabilities. So if you decide not to update your software or operating system, the work of the IT security experts is useless as the vulnerabilities that they’ve managed to patch remain unfixed on your device. This is one of the reasons, so many hospitals get hacked, they simply do not have the time to reboot and update.

Phishing emails

If you receive a Black Friday deal in an email that rushes you to buy something at a fantastic price, and you do not recognize the email or the outlet that is approaching you, just ignore it. Do not click on any of the links inside and if possible, do not even open the email. Just move it to your junk folder and move on with your life.

Self-behavior

You have to be cautious and avoid deals that are too good to be true. If you receive a text message giving you a 95% off Ray Ban sunglasses, or the latest iPhone XR for a couple of hundred dollars, you are most likely being scammed. What makes things worse is that your email or phone number has been sourced by criminals who openly believe that you aren’t sharp enough and you may fall for such a trick.

Public Wi-Fi networks

Yes we get it, data is expensive, and your monthly wireless bill is getting higher and higher. Next time you are on lunch break enjoying a meal away from the office you may feel tempted to join those free Wi-Fi networks you see. However, don’t do it, especially when you are shopping. When you join an unsecured Wi-Fi network every person with average IT knowledge will be able to see your online activity, and possibly even record everything that you type. This includes card details, SSN, passwords, etc.

Credit Card

If you are not a big fan of credit cards, we still advise you to use one for the online purchases. This does not mean that you have to carry your balance, you can pay it right off. If somehow hackers manage to steal money from your checking account it won’t be easy to claim it back. However, most credit cards come with insurance so even if you end up being a victim of a cybercrime, your credit card company may reimburse you. However, it is always best to be cautious and simply avoid becoming a victim.

Mobile Phone Security: All You Need to Know

mobile-phone-security.jpg

How secure is your mobile device? It's easy to forget that your mobile phone is essentially a pocket-sized computer and that, just as with any device that can connect to the Internet, mobile phones are at risk of a cyberattack.

Mobile malware has been increasing at an alarming rate. There was a 27 percent increase in new mobile malware in the last quarter of 2017, according to McAfee.

Types of Mobile Malware

The types of mobile malware users may be exposed to are many and varying. Following are some examples:

  • Mobile spyware: This form of malicious software can infiltrate seemingly benign programs and secretly monitor your activity, record your location, and steal sensitive passwords. You may even have inadvertently granted an app access to harvest this information when you downloaded it.

  • Rooting malware: A particularly unsavory form of malware, these bugs gain root access to a compromised device in order to provide hackers with administrative privileges and access to users' files. Some rooting malware, such as Ztorg, are able to embed themselves into the system folders, so that even a factory reset won't be able to remove them.

  • Mobile banking Trojans: As mobile banking grows in popularity, an increasingly grave problem in the cybersecurity world is mobile banking viruses. In 2017, mobile banking Trojans attacked close to 260,000 users across 164 countries. Attackers masquerade as a legitimate banking app to lure users into installing it, only to steal their credentials.

  • SMS malware: This form of malware will manipulate a mobile phone to send premium-rate text messages, often without the user noticing until they receive a shocking bill at the end of the month.

How Your Mobile Phone Can Get Infected

By far the most common way that your device may become infected is if you download a malicious app. Cybercriminals may pirate an existing app and list it on a third-party app store with hidden malware attached, so that users who download the app invite malicious software onto their devices.

Hackers also exploit known vulnerabilities in an operating system, which is why it is paramount that you keep your device up-to-date with the latest software.

Another way you might expose yourself to an attack is by connecting to a public WiFi hotspot. As public WiFi is usually unencrypted, attackers can intercept the data stream between the user and the access point. Known as a "man-in-the-middle attack," this can enable intruders to eavesdrop on any conversations carried out over the compromised network.

What Are the Signs of a Malware Attack on Your Phone?

If you contract a virus on your computer, it can be quite straightforward to spot that something has gone wrong. You'll probably see hundreds of irritating pop-ups or find that your computer starts to randomly and sporadically crash.

The signs of an infection on your mobile phone, however, may be harder to spot. You may have some malware lurking in the background and corrupting your phone without even realizing it.

Key signs to look for are if your device suddenly begins to operate more slowly, or your battery drains more rapidly than usual. Far more than an indication that you need a phone upgrade, a noticeable and sudden drop in performance could be a sign of an infection.

Another tell-tale sign to assess whether you may have a virus on your phone is if you see sudden spikes in your data usage. This could be a result of a virus running background tasks that you aren't aware of, or trying to access the Internet in order to transmit data from your phone.

Strange charges on your monthly bill also could be symptomatic of a virus, as some malware can make money from sending premium texts from your phone without you noticing. Be sure to review your bill routinely so you can catch any dangerous viruses early.

How to Remove Mobile Malware

If you suspect that your phone may have been compromised, what steps can you take to remove malicious software?

You need to start by putting your phone into Safe Mode. You can do this by holding down the power off button until you're prompted to reboot your device to Safe Mode. The Safe Mode will disable all third-party apps, so if you find that your device then works smoothly, you can be confident that a virus is at the root of your problem.

Then go into your settings and to the apps folder. Scan for the app that you think might be the culprit, or for anything that you don't recall downloading. You can remove it manually by clicking the uninstall button.

Top Tip: Sometimes the uninstall button will be gray and won't respond when you tap on it, because the malicious app has granted itself administrator status. In that case, you need to go into the security settings and deactivate administrator rights for the malicious app in question. You then should be able to remove the app from the app list.

If you are still unable to remove the malicious software from your device, you will need to do a full factory reset. This can be achieved by going into your phone settings and erasing all data.

Be sure that you have backed up any important files before you do this, as you will not be able to retrieve your beloved photos and important contact list afterward.

Tips for Securing Your Mobile Phone

The most effective way to protect your phone from malware is to take preventative steps to reduce the likelihood of contracting an infection in the first place.

Following are our top tips for securing your mobile phone:

  1. Be wary of public WiFi hotspots. Do not access any sensitive information through public WiFi, such as logging into your bank or checking sensitive work emails, as a hacker may be able to intercept your communication through a "man-in-the-middle" attack. It is far more secure to use a 3G or 4G instead, or to use a VPN.

  2. Do not jailbreak or root your device. It may sound appealing to be able to download paid apps for free by jailbreaking your iPhone or rooting your Android, but this removes the protection from Apple and Google respectively. Proceed with caution if you do go down this route, or you may find yourself vulnerable to malicious apps.

  3. Only download apps from the official app stores. Savvy hackers have been known to slip past the walled garden of the App Store and the security measures of Google Play Protect, but your chances of downloading a malicious app are far lower if you stick to the official app stores.

  4. Update your operating system. Cybercriminals exploit vulnerabilities in operating systems to gain access to outdated smartphones. Be sure to install updates to your software as soon as a new version is released, to minimize this risk.

  5. Encrypt your device. Encrypting your phone will scramble all files so that only you have access to them. You'll need to enter a PIN or password to decrypt your phone every time you want to use it.

  6. Review your access permissions. Often when consumers download new apps they don't take the time to read the Terms & Conditions, or consider what data they are allowing the app to access.