Please enable JavaScript.

Coggle requires JavaScript to display documents.

Computer misuse act (1990) case studies, UK retailer The Works suffers…

- - - - The Starwood group of hotels, which includes Sheraton, W Hotels, Westin, Le Meridien, Four Points by Sheraton, Aloft, and St. Regis, had been compromised sometime in 2014. This was before the Marriott Hotel group acquired it in 2016. It wasn’t until 2018 that Marriot found evidence of a breach through an internal investigation.
      - This meant for four years, the company had been the victim of a hacking campaign on Starwood’s reservation system. Cyber criminals exploited an unpatched vulnerability to hack the system.
      - While it was initially thought the hack affected 500 million people, this final number was 383 million. The hackers stole names, addresses, phone numbers, credit card information, email addresses, and unencrypted passport numbers.
      - The UK’s Information Commissioner’s Office (ICO) fined the Marriott chain £99 million ($135.95 million). The ICO said that Marriott ``failed to undertake sufficient due diligence" during the acquisition and missed the vulnerability as a result.