Introduction
Data breach transpires when unauthorized personnel access confidential, protected, or sensitive information of an organization. A data breach can lead to the loss of business secrets, inventions, and personal data. Despite sophisticated systems that had to be developed by organizations to protect data, cyber hacking has adversely affected the operations of various firms, including Facebook and Marriott.
Marriott
- The attacker was able to access credit card information, contacts, passport data, arrival, and departure details of over 300 million customers who had visited the hotel.
- According to Marriott, a third party hacked into the hotel’s system and accessed crucial business and personal information.
- The organization received an alert from an internal system that someone had gained access to the hotel database. After an investigation, it was discovered that a hacker had encrypted and copied crucial customer data.
- After the attack, the company informed affected customers and reported the matter to authorities to conduct additional investigations and initiate prosecutions.
- The attackers took advantage of the “View As” tool introduced by the company, which allowed the pre-viewing of personal profiles as appeared from other people’s accounts.
- During the attack, over 50 million users were affected, including the company founder and other senior officials.
- However, Facebook responded and fixed the vulnerability. The company informed the relevant authorities and turned off the “View As” feature to allow for a system security review.
- The attack on the Facebook company was based on security flaws related to the new feature in users’ profiles.
Conclusion
Cases of cybercrimes continue to increase as technology advances. The practice has led to several serious cyber-attacks in many organizations. Facebook faced a data breach due to the vulnerability of its new feature, while a third party accessed crucial information from Marriott hotel systems. In both cases, companies were able to address the consequences of attacks and reviewed underlying vulnerabilities for future protection.