IT Security Stories to Watch: Was Starwood Breached?
Starwood Hotels & Resorts Worldwide (HOT) last week said some of its North American locations were infected with malware that enabled unauthorized users to access customer payment card information.
And as a result, Starwood tops this week’s list of IT security newsmakers to watch, followed by the Georgia Secretary of State‘s office, PandaLabs and Clearswift.
What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week’s edition of IT security stories to watch to find out:
1. Starwood suffers a malware intrusion
Starwood noted that it has detected malware that affected certain restaurants, gift shops and other point-of-sale (POS) systems at some of its properties.
In addition, Starwood is encouraging customers to review and monitor their payment card account statements following the malware intrusion.
“Protecting our customers’ information is critically important to Starwood and we take this issue extremely seriously,” Sergio Rivera, Starwood’s president for the Americas, said in a prepared statement. “We want to assure our customers that we have implemented additional security measures to help prevent this type of crime from reoccurring.”
2. Georgia’s Secretary of State notifies voters about data leak
Georgia Secretary of State Brian Kemp has informed state voters that their personal information was inadvertently included on a statewide voter disc that was sent to 12 groups.
Kemp said the groups that received the disc included the Georgia Republican Party and Georgia Democratic Party. However, he pointed out that each of the 12 recipients confirmed it did not retain a copy of the information.
“The office took immediate action to protect Georgia voters’ personal information,” Kemp said in a prepared statement. “We retrieved the discs and confirmed that the recipients had not copied or otherwise disseminated the data.”
3. PandaLabs: More than 21 new pieces of malware discovered this year
Panda Security’s PandaLabs has detected 21 new pieces of malware in 2015 so far, according to its most recent quarterly report.
PandaLabs’ report also indicated that hackers most frequently use Trojans to launch cyber attacks, followed by traditional viruses and potentially unwanted programs (PUPs).
“Infecting a device that is connected to the Internet with a Trojan is as easy as hiding it in a file that the victim downloads,” PandaLabs Technical Director Luis Corrons said in a prepared statement. “From then on, all of the information on the device, the organizations information, or user passwords are at risk.”
4. Most U.S. organization have been breached in past year
A new study from data loss prevention solutions provider Clearswift revealed 92 percent of U.S. organizations said they have experienced some form of a data breach over the past 12 months.
The study, which includes responses from 500 IT professionals and 4,000 workers worldwide, showed that 75 percent of global employees said they believe their companies provide inadequate levels of information about data policies and what is expected of them.
“The detachment between the frontline security professionals and board members within an organization is particularly worrying,” Clearswift CEO Heath Davies said in a prepared statement. “Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.”
What are your thoughts on this week’s IT security stories to watch? Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at dan.kobialka@penton.com.
