Marriott Customer Emails List Compromised

[dk4]

Email received today from Marriott -

Dear Marriott Customer,

We were recently notified by Epsilon, a marketing vendor used by Marriott International, Inc. to manage customer emails, that an unauthorized third party gained access to a number of Epsilon's accounts including Marriott's email list.

In all likelihood, this will not impact you. However, we recommend that you continue to be on the alert for spam emails requesting personal or sensitive information. Please understand and be assured that Marriott does not send emails requesting customers to verify personal information.

We take your privacy very seriously. Marriott has a long-standing commitment to protecting the privacy of the personal information that our guests entrust to us. We regret this has taken place and apologize for any inconvenience.

FAQ - Frequently Asked Questions Regarding Epsilon's Customer Information Breach

Did anyone else get it?

 

[farstar]

Got the same from Hilton

 

[Major]

Also received from SPG

 

[drron]

I got it from Hilton but not SPG.

 

[thewinchester]

Great, so that's the 5th time this year that a program/service I'm a member of has be compromised.

As an IT professional, I'm kind of disgusted in SPG, HH and Mariott for having procedures so poor they didn't test and verify the security of externally held information databases on a regular basis.

The worst thing is the 50+ companies who've had their data breached as a result of this incident are some pretty big names. The nature of these programs is also going to compromise some pretty big companies and result in a significant increase of spam to their memberbase.

Sadly, because US laws relating to IT are for all obstensive purposes useless as a wet newspaper, there's no punitive action that can be taken against these companies for being so useless. Punitive action needs to be taken, otherwise other companies will not learn from these mistakes.

 

[kamchatsky]

Great, so that's the 5th time this year that a program/service I'm a member of has be compromised.

As an IT professional, I'm kind of disgusted in SPG, HH and Mariott for having procedures so poor they didn't test and verify the security of externally held information databases on a regular basis.

The worst thing is the 50+ companies who've had their data breached as a result of this incident are some pretty big names. The nature of these programs is also going to compromise some pretty big companies and result in a significant increase of spam to their memberbase.

Sadly, because US laws relating to IT are for all obstensive purposes useless as a wet newspaper, there's no punitive action that can be taken against these companies for being so useless. Punitive action needs to be taken, otherwise other companies will not learn from these mistakes.

Maybe we should all change to A-Club, since their data is never accurate anyway (well at least for the credit of points part)!

 

[Major]

Just received the same email from Dell

 

[straitman]

I got it from Hilton but not SPG.

The same here.

 

[Archphoto]

Funnily enough, I too got an email from HH, but when I try to access my account online, I'm informed my account no longer exists!:shock:

 

[LiamR]

I recieved the E-Mail from Hilton, Dell & a supplier for software at work.

As a IT Professional, I am shocked at how this has happened.

At my work, we manage confidential information for thousands of people nationally. We constantly have security checks, of our suppliers, and intrenally. Every 3 months a complete check, along with an external audit. The problem is the laws regarding internet privacy and data protection in USA, are outdated and nowhere near as relevant as what we have here in Aus.

The information we store is nowhere near as important as what some of these hotel chains store on file... Everytime I hear a story like this I shake my head.

 

[russ]

I received the email from Prince Whalu of Nigeria.

 

[drron]

In the last 48 hours I have been receiving several spam emails purporting to be from DHL,Fedex and UPS.I guess it is related.

 

[markis10]

Its a good reminder to only put on the net what details you can afford to loose I suppose, such breaches are common and at the end of the day, a hacker will get in if they need to, after all we can hardly complain about companies not securing our data when our own government cannot secure the PMs laptop!

On a related note, for those in credit card marketing, try and get your agency to exclude placement of your credit card ads near stories with the word hacker!