Marriott Says Fewer Affected in Hack, But 5M Passport Numbers Accessed - NBC 10 Philadelphia
National & International News
The day’s top national and international news

Marriott Says Fewer Affected in Hack, But 5M Passport Numbers Accessed

The FBI is leading the investigation of the hack and investigators suspect the hackers were working on behalf of the Chinese Ministry of State Security

    processing...

    NEWSLETTERS

    How to Protect Yourself From Hackers

    From regularly updating your software to uncommon screen lock codes, there are many things you can do to protect yourself from hackers trying to access your sensitive information. NBC News' Mark Barger and Consumer Reports Editor Jerry Beilinson offer some helpful tips on how you can safeguard your data. (Published Friday, Nov. 30, 2018)

    What to Know

    • When Marriott initially disclosed the breach in November, the company said that hackers compiled stolen data undetected for four years

    • Unencrypted passport numbers are valuable to state intelligence agencies because they can be used to compile detailed dossiers on people

    Fewer Marriott guest records than previously feared were compromised in a massive data breach, but the largest hotel chain in the world confirmed Friday that approximately 5.25 million unencrypted passport numbers were accessed.

    The compromise of those passport numbers has raised alarms among security experts because of their value to state intelligence agencies.

    The FBI is leading the investigation of the data theft and investigators suspect the hackers were working on behalf of the Chinese Ministry of State Security, the rough equivalent of the CIA.

    The hackers accessed about 20.3 million encrypted passport numbers. There is no evidence that they were able to use the master encryption key required to gain access to that data.

    Clerk Pulls Out Machete on Would-Be Robber

    [NATL] Clerk Pulls Out Machete on Would-Be Robber

    A would-be robber armed with a knife had a surprise in store when an Alabama store clerk pulled out a machete in defense. The two's brief knife fight was caught on camera before the clerk runs out to damage the robber's car.

    According to police, suspect Seth Holcomb walked up to the counter to make a purchase. He leaves the store and then comes back in as if to make a second purchase. Then, he pulled out a knife at the counter. What he didn't expect was that the clerk would pull out a machete of his own.

    (Published Wednesday, March 20, 2019)

    Unencrypted passport numbers are valuable to state intelligence agencies because they can be used to compile detailed dossiers on people and their international movements.

    In the case of China, it would allow that country's security ministry to add to databases of aggregated information on valued individuals. Those data points include information on people's health, finances and travel.

    "You can identify things in their past that maybe they don't want known, points of weakness, blackmail, that type of thing," said Priscilla Moriuchi, an analyst with Recorded Future who specialized in East Asia at the U.S. National Security Agency where she spent 12 years. She left the agency in 2017.

    When the Bethesda, Maryland, hotel chain initially disclosed the breach in November, the company said that hackers compiled stolen data undetected for four years, including credit card and passport numbers, birthdates, phone numbers and hotel arrival and departure dates.

    The affected hotel brands were operated by Starwood before it was acquired by Marriott in 2016. They include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood-branded timeshare properties were also affected. None of the Marriott-branded chains were threatened.

    Marriott said Friday that it now believes the overall number of guests potentially involved is around 383 million, less than the initial estimate of 500 million, but still one of the largest security breaches on record.

    YouTube Mom Accused of Abusing Foster Kids for Clicks

    [NATL] YouTube Mom Accused of Abusing Foster Kids for Clicks

    Machelle Hackney of Maricopa, Arizona, is accused of forcing her adopted children to participate in her YouTube channel and abusing them if they did not recall their lines or perform as directed. Hackney's channel had accrued hundreds of millions of views since she joined in 2012.

    (Published Wednesday, March 20, 2019)

    The 2017 Equifax hack affected more than 145 million people. A Target breach in 2013 affected more than 41 million payment card accounts and exposed contact information for more than 60 million customers.