News broke today that hotel group Marriott suffered a massive data breach exposing the records of up to 500 million customers.

What Happened?

The hotel giant received an alert from an internal security tool in September, regarding an attempt to access the Starwood guest reservation database. The ensuing investigation revealed that there had been unauthorized access to the Starwood network since 2014. An unauthorized party had copied and encrypted information, and took steps towards removing it. Marriott was successful in decrypting the information on November 19th, and found that it was from the Starwood guest reservation database.

What Data Was Exposed?

In a statement filed with regulators, Marriott said they believe the duplicated information in the database contains data on up to approximately 500 million guests who made a reservation at a Starwood property. “For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates.”

It’s too early to know what missteps led to the breach of data (we will update this article with new information) tied to as many as 500 million guests at hotel giant Marriott International Inc.’s Starwood reservation system, but data leaks such as this one continue to be an issue. Most data leaks are not a failure of technology, but rather a human error. This could be a misconfiguration or even just a failure of standard corporate processes. It is not a matter of if a misconfiguration will occur, but a matter of when it will occur and how quickly it will be discovered and exploited. Without standards and automation, companies are sitting ducks. In either case, we can expect to see more issues like this one until we start holding organizations accountable for data leaks.

More 2018 Data Breaches:

We are living in a world where there are hundreds of thousands of people around the globe continuously (whose job it is even) trying to exploit vulnerabilities. Regardless of how the breach occurs, typically, it’s because of an approach to compliance that is manual and periodic rather than continuous. Inevitably, that creates a cycle of being in and out of compliance.  The problem is that even a brief lapse in compliance opens up a window that can and will be exploited. When you don’t achieve continuous compliance through monitoring and automated remediation, then it’s only a matter of time before you join the growing list of companies mentioned above who have to explain to their customers that their information has been compromised.

In the cloud?  If so, get your free trial of DivvyCloud or speak with a DivvyCloud expert today and explore how we can secure your entire cloud environment.


DivvyCloud minimizes security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud, and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes).  First, our software performs real-time, continuous discovery of infrastructure resources allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.