Slashdot Mirror

← Back to Stories (view on slashdot.org)

Marriott Discloses Missing Data Files

Posted by Zonk on from the i-seem-to-have-misplaced-this-small-item dept.

An anonymous reader writes "Marriott International has admitted that it is missing backup computer tapes containing credit card account information and the Social Security numbers of about 206,000 time-share owners and customers, as well as employees of the company." From the Washington Post story: "Officials at Marriott Vacation Club International said it is not clear whether the tapes, missing since mid-November, were stolen from the company's Orlando headquarters or whether they were simply lost. An internal investigation produced no clear answer. The company notified the Secret Service over the past two weeks, and has also told credit card companies and other financial institutions about the loss of the tapes."

26 of 162 comments (clear)

  1. why do they have SSNs for customers? by rritterson · · Score: 4, Interesting

    Can anyone tell me why Marriot has the SSNs of Customers?

    Time-share owners, maybe, employees definately, but customers? Why?

    --
    -Ryan
    AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
    1. Re:why do they have SSNs for customers? by User+956 · · Score: 4, Funny

      Time-share owners, maybe, employees definately, but customers? Why?

      Look, they're just making sure you don't steal any towels. Towel theft is a big deal.

      --
      The theory of relativity doesn't work right in Arkansas.
    2. Re:why do they have SSNs for customers? by QuantumG · · Score: 4, Informative

      Unless your business model including some sort of recurring billing there is absolutely no justification for storing every digit of a credit card number. The first and last digits are more than enough for data matching purposes.

      --
      How we know is more important than what we know.
    3. Re:why do they have SSNs for customers? by Pampusik · · Score: 3, Informative

      I believe this concerns time share loans, in which case a SSN would be required in the credit process.

    4. Re:why do they have SSNs for customers? by cayenne8 · · Score: 3, Interesting
      " I believe this concerns time share loans, in which case a SSN would be required in the credit process."

      Well, even if so...why did they keep the numbers? I've run into things where people wanted my SSN....which I pretty much refuse to give to anyone not associated with ssn taxes....but, to get around it...I just give a deposit in lieu of SSN.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    5. Re:why do they have SSNs for customers? by Pampusik · · Score: 3, Informative

      They would need to keep the SSNs to share with their loan servicer(s?) and backup companies.

      In most cases, when you take out a loan with somebody, your data is likely being shared with everybody they do business with related to the servicing of the loan... especially if you're a "high risk" customer (e.g., low credit score).

    6. Re:why do they have SSNs for customers? by toddbu · · Score: 5, Insightful
      Can anyone tell me why Marriot has the SSNs of Customers?

      I think that you're asking the wrong question here. Shouldn't you be asking "why does it matter if they keep your SSN?" Our whole system of using SSNs to identify people is broken, and if Congress would get off their lazy duffs and fix the problem then maybe it wouldn't matter if someone had my SSN number or not. A simple change to credit reporting laws that would require a second level of verification of the identity of a consumer before granting credit, like what happens when you put a fraud alert on your credit report, would go a long way toward fixing this problem. But those who issue credit are afraid that if you got rid of easy credit then their market would collapse. I'll agree that some people would be inconvenienced by such a system (like those who move around a lot), but it sure would reduce fraud. At the very least, I should have the option of making a fraud alert permanent, and to have complete control over who can view my credit history. Then maybe it wouldn't make such a difference if someone got my personal information.

      --
      If you don't want crime to pay, let the government run it.
    7. Re:why do they have SSNs for customers? by llefler · · Score: 4, Informative

      They need to keep your SSN for tax purposes. Depending on your agreement, the loan to 'buy' your timeshare is considered a mortgage. So they need to report interest to the IRS. Not to mention, a credit agency is going to use your SSN to avoid simple name collisions.

      As far as keeping your credit card number, they could be requiring it to cover maintenance fees or it's possible customers are automatically having their loan payments charged to their credit card. I do that with a couple of my monthly expenses so I don't have to write a check. (having both electronic withdrawals and automatic billing to credit cards, I prefer the latter)

      While I suppose you can get around these by buying the timeshare outright, and prepaying maintenance fees, most customers do not want to do that.

      --
      It is amazing what you can accomplish if you do not care who gets the credit. -- Harry Truman
    8. Re:why do they have SSNs for customers? by lazlo · · Score: 3, Insightful

      I've argued with my boss several times that we should dump the SSN and just keep a few hashes instead (md5/sh1/whatever). He doesn't like that idea for valid reasons (mainly compatibility with other systems that don't know shit about a hashed SSN).

      I could be wrong about this, but here's another reason to think of. Hashing the SSN's in the database doesn't raise the bar much for ID thieves. There are 1G possible SSN's. According to my calculations (and the output of "openssl speed md5"), calculating and storing the MD5 of all of them would take my computer about 30 minutes and would take up about 20GB of drive space. After which, looking up an ssn from the hash would be fairly easy.

      My first thought was "add some salt", but SSN's aren't passwords (although they're used like passwords fairly often), they're indexes. So if I've got info on my John Doe, and want to see what info you have on that same John Doe, unless we happened to use the same salt we're screwed.

      The only solution I can see would be to use deterministic salt. store the MD5 of, for instance, the person's SSN.DOB. That would make it so that the problem for the attacker is (assuming he only cares about people 18-65 years old) 17,155 times harder. So now the database is over 300 TB, and it takes a year to calculate (on my machine). But it means that everyone has to start collecting DOB (which they mostly do anyway - but it would now be necessary) and would have to agree to use MD5(SSN.DOB) as a person's identifier. Thinking about it, that might not be so bad... But it'll still take an act of God or congress to get everyone to start doing it. And I'm guessing God might be more likely.

      --
      Pound! Bang! Bin! Bash! is this a shell script or a Batman comic?
  2. And THAT is why... by Winlin · · Score: 5, Funny

    I stayed in a Holiday Inn Express last night.

  3. Great. by User+956 · · Score: 3, Informative

    With $105 billion in this type of crime in 2005, I'm glad the Department of Homeland Security has had their budget cut to $16 million. That should stop those crooks!

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:Great. by dc29A · · Score: 3, Insightful

      Why is the job of Homeland Security to secure the data storage of a random company? Start putting out heavy fines on companies who fail to securely store customer data and the problem will go away. Right now there is no "incentive" for companies to keep personal data stored safely. A little PR can take care of a hack.

      Companies need to be held liable for the safety and security of their customer's data. The problem then will go away.

    2. Re:Great. by User+956 · · Score: 3, Insightful

      Companies need to be held liable for the safety and security of their customer's data. The problem then will go away.

      I'm hearing you. I think the way the SSN system works with the financial system is horribly inefficient, insecure, and pront to abuse. But you need to cover both ends. Security on the front end, and proper policing on the back end. Cutting the DHS budget certainly isn't going to help-- especially when hundreds of millions are allocated for projects like the bridge to nowhere.

      --
      The theory of relativity doesn't work right in Arkansas.
    3. Re:Great. by dangitman · · Score: 4, Insightful
      With $105 billion in this type of crime in 2005, I'm glad the Department of Homeland Security has had their budget cut to $16 million. That should stop those crooks!

      Given the lack of competence of DHS, eliminating their funding can only be a good thing. They only seem to make things worse, and haven't really shown any evidence of being effective at doing anything other that waste money and erode civil liberties.

      --
      ... and then they built the supercollider.
    4. Re:Great. by Dhalka226 · · Score: 4, Informative

      I'm glad the Department of Homeland Security has had their budget cut to $16 million.

      That's misleading. Their RESEARCH budget for CYBERSECURITY is cut to $16 million, and that's only down 7% from last year, which means under $2 million in cuts.

      You can argue it should be higher if you wish, but don't make it sound like the entire DHS--or even cybercrime enforcement in general--is funded that sparsely.

  4. Oh thank you thank you thank you! by rleesBSD · · Score: 4, Funny

    Now wifey will never know.

  5. Re:Identify theft a fad? by MaineCoon · · Score: 4, Interesting

    Back in ancient days (pre-500 AD for example), it was not a rare thing for vaguely look-alike, or not even look-alike people, to claim to be someone famous/important in a village or town where nobody could invalidate the claim (or those who would validate it were being duped or willing participants).

    This is a quite old crime. The difference is that now identity theft of everyday people can be lucrative, and you don't even need to look like them or deal with tricking others. And you don't have to worry about being lynched or stoned, just going to jail.

    --
    Hunt your preferred prey at Aliens vs Predator MUD. Join the war at avpmud.com port 4000
  6. This kind of thing keeps happening... by dlaur · · Score: 3, Insightful

    Let me ask a simple question: Why don't they encrypt this stuff?

    1. Re:This kind of thing keeps happening... by HermanAB · · Score: 3, Insightful

      No, only the *reporting* of leaks will stop instantly...

      --
      Oh well, what the hell...
  7. Re:Lost != Stolen by quarkscat · · Score: 3, Interesting

    Be afraid. Be very afraid.

    Considering the time of year, no doubt some Marriott PHB who was looking for some extra X-Mas cash decided to "sell their list". While many companies have absolutely no qualms about selling customer information (AKA creating a new "profit center"),
    I am more inclided to believe that the backup tapes were lost or stolen, rather than a conscious effort to create a new corporate profit center.

    Then again, John Poindexter's "Total Information Awareness" project (entirely DoD databases) was morphed into "MATRIX", which was designed to make use of multiple commercial (and commercially available) databases. So, perhaps, it was was merely an "extra patriotic" Marriott employee.

    Considering recent events in the news (non-FISA approved wiretapping), perhaps one possibility is just as scary as the other...

  8. fraud monitoring by spoonyfork · · Score: 4, Insightful

    I'm glad to read Marriot is offering credit fraud monitoring to the affected people like how Ford offered to its employees when they recently lost 70,000 employee/retiree SSNs. Unless it is lifetime monitoring I fail to see the long term value.

    Wait a second, why don't the credit bureaus offer free lifetime credit fraud monitoring to everyone in the first place?

    --
    Speak truth to power.
  9. That's nothing... by Anonymous Coward · · Score: 5, Informative

    AC for obvious reasons...

    I work the front desk at a competing 4-star hotel chain. I work the night shift ($10/hr to sit there babysitting the desk and reading/fiddling on my laptop, great job for students ;-)). Anyway, the first day, FIRST DAY! I was working there I had access to all the back-up tapes for the past month with every guests name, address, phone number, what government agency/corporation they work for, and CC#'s/expiration dates. The tapes are all sitting in a filing cabinet in the front office.

    So many people touch the tapes, front desk staff/accounting/reservations/IT, that if one went missing it would be impossible to track back to an individual. What's more, if I just picked up my own tape and made a dupe at night in 35 minutes while I'm there alone nobody would ever know.

    This is a 400 room hotel in a major U.S. city, access to literally tens of thousands of names, addresses and associating credit card numbers, all for filling out a standard job application that I may or may not have filled out accurately. Unbelievable.

  10. I am REALLY starting to think by ScrewMaster · · Score: 4, Insightful

    that if these large corporations can't be trusted to play with their computers safely, maybe they should have them taken away. At the very least, I think some adult supervision should be required by law. And if that doesn't work, send them back to using typewriters and filing cabinets.

    --
    The higher the technology, the sharper that two-edged sword.
  11. Re:Hats off to Marriott by humphrm · · Score: 4, Informative
    Umm, I hate to say it, but a tape missing since last November constitutes a cover-up. Marriott only came out and admitted to the loss because their internal investigation turned up nothing.

    ABN Amro lost a tape with my data on it. The news was out that week. DHL found it, and even though the news agencies didn't cover it much, I got a follow-up letter from ABN Amro AND they extended the free credit tracking service from 3 months to 1 year.

    Marriott on the other hand waited over a month before they even notified the Secret Service, for crying out loud.

    No kudos to Marriott for this one. They're lucky that their month-long cover-up isn't criminal (yet).

    --
    -- "In order to have power, I must be taken seriously." -Mojo Jojo
  12. Some private data loss statistics by michaelaiello · · Score: 4, Insightful
    Lists of incidents

    A report (with pretty graphs) from a recent financial engineering class. Data was from Feb to Sep 2005...
    The 83 recorded loss events were categorized by loss event type and by industry sector. The data is relevant over 232 days. This yields a probability of a loss event occurring in any sector on any given day 35.7%. If only events affecting financial services institutions are counted, the probability is 7.5%.

    http://privacydata.michaelaiello.com/paper.pdf

    Bring forth the math corrections
  13. Famous Last Words by TallMatthew · · Score: 3, Funny
    IT Manager: "Datasafe's here to pick up the backup tapes."

    Marriott soon-to-be-ex SA: "Um, didn't they already come this week?"