The Marriott cyber breach is the second largest data breach in history – after 3 billion Yahoo accounts were hacked in 2014-. Unfortunately, this latest breach was far more serious with the theft of not only names, addresses and card details, but passport numbers and the dates people checked in and out.
The breach has exposed a grave and global systematic flaw in mergers & acquisitions. There have been cases where companies have engaged in merger activity without being aware of any potential issue regarding data security of the organisation that they are purchasing. ROI calculations will unquestionably take place, but the exposure to risk is less likely to be considered, which would mean that the conclusions to invest are seriously flawed, incomplete & inaccurate and puts the entire portfolio at risk.
Marriott acquired Starwood in 2016, but Marriott management should have been aware that the Starwood systems were vulnerable. After all, Starwood has been hacked in 2014 when they fell prey to credit card breaches.
So, the question remains – was this a case of an enormous failure to perform proper due diligence prior to acquiring Starwood in September of 2016 for $13 billion, in turn creating the largest hotel chain in the world.
Software such as RiskView can assist with mergers and acquisitions to detect exposures to risk in various capacities, allowing an organisation to thoroughly audit a business in areas that they didn’t know could contain documents that could pose a risk to the business
- 22nd July 2019The Human Element of Data Security
- 15th July 2019Third Party Data Protection
- 10th July 2019Two Fines in Two Days – ICO Plans to Fine Marriot £99m
- 10th July 2019ICO Issues A Record Fine for BA
- 2nd July 2019Do You Have True Visibility of Your Data?
- 18th June 2019Reduce Your Exposure to a Data Breach
- 15th May 2019Organisations Relationship with Cybersecurity and their Workforce – In Scope
- 9th May 2019Subject Access Requests
- 1st May 2019Data Discovery
- 26th April 2019Defence In Depth