The Business Behind the Marriott Data Leak: Hackers Filter Out Beijing, Shanghai and Guangzhou Guests for Sale on the Dark Web

On March 31, the official website of Marriott International Group announced that the information of about 5.2 million guests may have been leaked. This is the second large-scale data leak Marriott hotels have suffered within a year and a half.

The Beijing News reporter noticed that Marriott's two data leaks happened in different ways. The first was an "external attack" in which hackers attacked the database; this time it was an "inner ghost" (insider) leak involving employee login credentials.

5.2 million customers' information leaked: was the "thief in the house" not guarded against?

According to Marriott, the leaked information includes guests' names, addresses, email addresses, phone numbers, account and points balances, birthdays, preferences and so on, but Marriott has denied that guests' account passwords, credit card, passport, ID card, driver's license or similar information was leaked. According to Marriott's estimates, the breach could involve as many as 5.2 million customers.

This comes only a year and a half after its last data breach. In November 2018, information was leaked from the reservation database of the Marriott-owned Starwood Hotel, and Marriott said that hackers had broken into the system and stolen the personal information of more than 383 million hotel customers.

Regarding how this breach occurred, Marriott said that "a person may have accessed a large amount of customer information using the login credentials of two employees of a franchised hotel of the group since mid-January 2020," and said that after discovering this, it confirmed that the relevant login credentials had been disabled and notified the relevant departments to investigate and strengthen monitoring.

On April 1, Peng Sixiang, the head of Tencent's data security team, told the Beijing News reporter that data generally leaks in three ways. First, systems are broken into through externally facing channels: the database is attacked and internal information is stolen through external websites. Second, internal personnel exceed their authority and leak the data. Third, in cooperation with a third-party partner, the other party does not use or store the data in accordance with the agreement, resulting in data leakage.

The Beijing News reporter noticed that, according to Marriott's statements, its two data leaks happened in different ways: in 2018 it was the first type, an "external attack" in which the database was hacked, and this time it may be an "inner ghost" leak, in which an insider acted beyond their authority.

Dark web may become the marketplace; high-spending customers become "gold masters"

Why is hotel guest information so frequently targeted? The reporter learned that leaked information may circulate in black- and gray-market channels and be sold for varying amounts. Earlier, the 500 million pieces of customer information leaked from Huazhu Group had been "packaged" for sale on the dark web for 370,000 yuan. In the view of Mr. Luo, who has worked in real estate sales, hotel customer information is worth far more than that.

"Previously, the phone numbers of real estate owners on the black market could be sold for 2,000 yuan and 10,000. Hackers can screen out people in first-tier cities such as Beijing, Shanghai and Guangzhou to be bought and sold on the market as high-end data. Because hotels hold sensitive information such as room check-in records and home addresses, it may also be used by scammers."

In Peng Sixiang's view, it is not only the hotel industry: personal private information from many industries flows to the dark web, and the buyers and sellers are generally black-market operators. "We have monitored activity on the dark web, where transactions can reach thousands of dollars. Some data can be bought for hundreds of dollars, depending on the volume and sensitivity of the data. Sometimes data on the dark web has already been sold or has expired. Data is very expensive at the beginning, but later it becomes very cheap. Private data on the dark web is all clearly priced, ranging from one thousand dollars to several thousand dollars, which is already a relatively high price."

As of 22:30 on April 1, the reporter had not seen anyone selling the leaked Marriott information in black- and gray-market channels such as the dark web.

However, the reporter noticed that the data breach has left Marriott facing huge claims. According to public information, after the Starwood information breach in 2018, a US litigation group filed a lawsuit against Marriott on behalf of many consumers, claiming $12.5 billion.

Beijing News reporter: Luo Yidan. Editor: Wang Jinyu, Xu Chao. Proofreader: Jia Ning.