Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Breach
2023
A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says

A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says

Table of Contents

Incident Details

Earlier this year, an individual informed the FBI about selling Marriott hotel guest's personal information on a Russian forum. The individual also mentioned accessing various U.S. state death certificate registration agencies to fabricate his death. The accused, Jesse Kipf, faces charges related to unauthorized access to employee accounts at two Marriott affiliates and then offering this data for sale on a Russian online platform. Marriott has refuted claims of any breach in their systems.

Incident

How Did the Breach Happen?

An individual successfully infiltrated the accounts of employees working for two companies affiliated with Marriott, enabling them to access personal customer data belonging to Marriott. Subsequently, the perpetrator proceeded to market this data on a Russian online platform.

What Data has been Compromised?

The exact information that was exposed in this security incident was not revealed in the available details. It is probable that personal details of customers, including names, contact information, and possibly more confidential data, could have been affected.

Why Did the company's Security Measures Fail?

What Immediate Impact Did the Breach Have on the company?

How could this have been prevented?

Implementing more robust security measures and conducting frequent security evaluations of third-party contractors could have avoided this breach. Moreover, enhancing security with multi-factor authentication and strong data encryption could have provided an additional level of defense.

What have we learned from this data breach?

The significance of consistently monitoring and securing third-party contractors and enforcing robust security protocols to safeguard customer data has been underscored by this breach. It emphasizes the necessity for companies to make cybersecurity a top priority and take proactive steps to identify and mitigate potential weaknesses.

Summary of Coverage

A cybercriminal managed to infiltrate employee accounts belonging to contractors working with Marriott, where they proceeded to sell access to Marriott customer information on a Russian online platform. In addition, the cybercriminal infiltrated U.S. state death certificate registration agencies to fabricate their own demise. Although the exact details of the compromised data were not revealed, this incident underscores the importance for businesses to give precedence to cybersecurity measures and consistently evaluate the security practices of their third-party partners.

Is your System Free of Underlying Vulnerabilities?
Find Out Now