Hello, fellow travelers. I wondered how long it would take for us to get “the memo” about the Starwood security breach that happened….FIVE YEARS AGO. (<—yep, you read that correctly)
In 2013, about 3 billion users personal data was compromised and in the fervent art of transparency, the Marriott thought they should share this with their loyalty card holders, etc. only 1,825 days after it happened. (Did that sound better than saying 5 years to you? I’m not really sure, but I thought I would try to make that sound a little softer.) In fairness, Marriott wasn’t aware of the hack when it acquired Starwood in 2016, but you know someone knew somewhere that um — stuff ain’t right with the user’s information.
So – you’re kinda pissed but not surprised, right?
That’s pretty much the consensus of online users today. You first react with, “That’s crazy!” or “What information was hacked?” but in a matter of days, hours, minutes, seconds – depending on each person – you’ve already chalked it up to, “This is what happen nows.” Pump the brakes because even this social media power user is still thinking, “What the hell? Five years and you’re notifying the public-at-large NOW?”
Whatcha gonna do about it?
I’m pretty sure there will be a class action lawsuit coming – so watch the mail for your little white postcard to submit. Almost every security breach comes with the obligatory lawsuit so you get your measly compensation for having your privacy hacked.
This is really a wake-up call and reminder to financial service professionals that your client’s information is super important – protect it all costs. For example:
- Don’t leave applications on your desk sitting around for people to pilfer through. Lock them up and put them away when you’re gone.
- Always lock your computer when you get up and leave. A.L.W.A.Y.S.
- Taking pictures of your client’s photo IDs, etc. with your cell phones? Nope – stop that. Where did that photo go? Google Drive? Apple’s cloud? Where did it go from there?
This means when you deal with people who have your information, you have the right to ask how your information is being used, how it’s stored, etc. It’s uncomfortable, but increasingly becoming necessary in the age of computer hacks.
Specific to this breach remember…
You need to keep in mind that your personal information (address, date of birth, phone number, email address, gender, etc.) and possibly your stored credit card information was compromised. This extended amount of time allows a lot of damage to be done by hackers.
You can read about the breach here: https://answers.kroll.com/ and get call center information to find out more information.
You can subscribe to WebWatcher for one year free-of-charge compliments of Marriott by clicking here: https://answers.kroll.com/us/index.html and scrolling to the middle of the announcement on the right hand side of the page.
You can also go to the Department of Homeland Security and inquire about your passport by clicking here: https://i94.cbp.dhs.gov/I94/#/history-search to make certain your passport number was not compromised.
Be A Person Of Action: Do your due diligence to protect your breached data. Also keep in mind that things around your office containing client’s privacy data is valuable and hold yourself and your staff at the highest level of integrity to protect it always.