Categories: NewsTechnology

Why YOU Should Be Very Concerned About the Marriott Sheraton Westin Starwood Data Breach

Marriott is down playing their 500,000,000 person data breach as just another data hack that we have all become so used to.  So why are we being alarmist about this attack? is not prone to hype; we focus on facts and downplay opinion.  Yet this data breach’s implications are so massive we believe it to be of great concern to almost every person in “The West”.

There are four reasons YOU personally should be be exceptionally worried about the Marriott / Starwood Data Breach:

1 – Who YOU Are

If you are reading this you almost certainly live in the industrialized world.  That is a population of about 1 billion people.  It also likely means you are in the economic “top half” of that 1 billion people and guess who stays at Marriott hotels that were breached (Sheraton, Westin, aloft …), YOU!  The Marriott breach contained information rich data on half a billion people so that almost certainly means your data is included.

2 – The Type of Data Stolen

The Marriott hack was not a run-of-the-mill data breach that gave up your email address and password.  It included very personal information about you (address, gender, date of birth, passport, credit card, travel patterns…)  Skim through our article Why the Marriott Hotels Starwood Data Breach is a Much Bigger Deal Than Nearly Any Other Hack in History from last week and you will be concerned but that alone should not keep you up at night.

3 – The Chinese & Combined Data

The 20 Largest Data Breaches in History

It was reported this week that the Marriott breach is almost certainly the work of the Chinese government.  When you consider that China has been outed as the hacker in dozens of large scale data breaches including the US Governments “Office of Personal Management” (everyone with a US security clearance) and the Anthem Insurance breach (think very personal medical records), the likelihood that the Chinese government has a sophisticated and detailed knowledge of everything about you is very high.

Keep in mind that with current “big data analytics” it is easy to figure out who someone is, where they work, where they live, who their family is, from fully ANONYMIZED travel data so think about how much can be inferred from combining vast amounts specific data about you, your family and friends.

Also, this stolen very private data can be easily augmented by data the Chinese can purchase on the open market about YOU for just pennies.  Data brokers have literally thousands of additional data points about you.  Skim through this 60 minutes video from 2014 and ask yourself how much additional data you think they have on you today.

4 – What Can / Will Be Done With the Stolen Data

You may think to yourself, “So what, China has a detailed file on me and my family.  At least they are not going to use my credit cards to buy stuff and screw-up my credit”.  Consider this fact; 10 years ago all of this data would have been just that, data.  With modern computer analytics however that data can get turned into wide ranging “information”.  With this dossier on you China could figure out your travel, credit, health issues… which can then be used for:

  1. Industrial Espionage – What if you have access to some secret data and keep in mind that many people have access to secret data that they don’t think of as particularly sensitive but is.  You do not have to have access to the plans for the next stealth bomber to be of great value.  Most of what China is stealing these data is intellectual property.  If they can get you to give up even small amounts of information on your employer that information can be combined with others to form a complete picture.  Even just knowing what your company is planning in the next quarter allows the competition to screw it up with fake news, advance product releases, …
  2. Government Interference – So what if your country was in a trade war with China (like the US is today) and China decided to release some or all of the private information to dark web thieves that do things like identity theft and fraudulent credit card purchases?  What do you suppose would happen if nearly all of the wealthy and powerful people in a region (lets say Washington DC or Ottawa or all of Canada) were to have their credit grind to a halt?  That would be bad… very bad.  Credit would dry up and the economy would grind to a halt in a matter of weeks, like it did in the 2008/9 credit crunch we now call “the great recession”.  What would your federal government do to keep this from happening if China threatened such a thing?  That is pretty big chip to play in the poker game that is high stakes international negotiations (think trade deals, climate negotiations, …)
  3. Slow Down the Competition – It is VERY common practice in the corporate world to delay your competition through any means possible.  There are thousands of completely merritless court cases brought by competitors just to distract and drain capital to slow down development of the next big thing.  Imagine the world we have today in which the globes toughest competitor, China, can easily reduce the size of the trade show space you booked, cancel your hotel reservations and cell phone, or just screw up your employees credit.  These sound like nuisances but they are real distractions.
  4. Election Interference – With all this information on you, China can easily figure out your political tendencies and do what Russia is doing now, which is promote hatred and distrust of “the other side”.  If your country is in chaos (think Brexit or everything Trump) how effective are you going to be with advancing your agenda or developing the next new thing.
  5. Blackmail – Big Data Analytics applied to the stolen and combined data can likely figure out if you are cheating on your wife, stealing from your employer, or even not telling your employer you are gay (remember in Texas and other parts of the world being gay is still illegal and grounds for dismissal or worse).  All of that sets you up to be blackmailed for whatever purpose the Chinese want.
  6. MORE Data Collection – With the information China now has on you, how hard would it be for them to create fake social media profiles that match your tenancies.  You are much more likely to give up information to “friends” than strangers.  There are dozens of proven cases of security restricted documents being sent to “Facebook” friends for what the sender thought was a type of peer review.   After all if “my buddy xxxx works in yyyy department at company zzzz he surely is qualified to help me review that important presentation / report before I submit it so I don’t look foolish by missing something important and besides my Facebook firend xxxx is a great guy and I have helped him twice on his confidential reports (which were fake!).”  Yes this really happens.
  7. Crush an Economy or a Company – It is more than conceivable that if China was angry or thought this was the time for a strategic strike, they could release all of your company or regions “important peoples” details on the dark web and have the cyber thieves go to town.  If everyone working in your company or region just had their credit cards stolen, their bank accounts drained, divorce papers filed and their houses put up for sale, they would grind to a halt.
  8. Win a Specific Battle – Right now Canada has arrested one of China’s most important and most politically connected people, Huawei CFO Meng Wanzhou. China can easily threaten to shut down… well whatever they want (a government branch, the Vancouver area, Bell Canada…) by releasing targeted data on the relevant people.  If China was smart… and they are… China would do make this threat quietly through back channels and at very least this would accelerate the release of their VIP.

The Marriott data breach including passports, home addresses, employers, travel patterns, credit cards and more is something everyone in “The West” needs to be worried about.  The more you have, the more you have to loose and anyone reading this article has a lot.


This website uses cookies.