Marriott data breach

Marriott data breach

<  Back to News and Media

Published on:

December 1, 2018

What Australians and New Zealanders need to know about the Marriott data breach...

Firstly, we have to assume ‘global’ means Australians and New Zealanders are caught up in this.

Second, ‘passport’ information may imply this is either an event that relates to an overseas hotel booking or the default data collected on its online system is ‘passport’ or they also mean other credentials like driver licences as well (we have not had this confirmed).

Third, Marriott has been emailing customers on the email address exposed, which does present a big ‘phishing’ risk people should be aware of. The Sophos Naked Security post reveals what to look for here.

Finally, like all big international data breach events there doesn’t seem to be dedicated information for Australians and New Zealanders (yet). Our passports may not expire for ten years! Last month passports were on par with driver licences as the most frequent credential stolen and misused by Identity thieves impacting our community. Around 11% of our clients that experienced a data breach then experienced further identity theft - namely unauthorised bank account access and new credit applications (such as credit card applications). Typically these would not be picked up by ‘online monitoring’ services.

IDCARE recommends requesting free copies of your credit report (check out our ‘Learning Centre’). In Australia and New Zealand we have three different credit reports (also called files) and private sector organisations that provide these. In fact if you’ve lived in Tasmania and mainland Australia you may have four! It can take up to ten business days to get the free copies. You’re looking for enquiries made about your credit history that you cannot explain. Our Fact Sheets go through these and how to go about applying for your free ones. If it is Passport data, then the only saving grace to this high risk credential is that the number changes when a new one is issued. Driver licences, another high risk credential, typically do not.


Other News

IDCARE is always active in the media from radio to TV, social media and news articles. Keep up to date with what's happening at IDCARE and in the media.
Facebook security incident

Facebook announced the discovery of a security issue affecting 50m accounts.

Fact check: Hackers argue it's cheaper to pay ransom

We take a look at what seven years of data has taught us about investment scams.

Cyber security breakfast for small business owners

For Stay Smart Online Week the Australian Cyber Security Centre is hosting a cyber security breakfast for small business owners and operators

Covid 19 Scam Warning

he World Health Organisation (WHO) classified the Coronavirus as a global pandemic on Thursday March 12, 2020.



IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   

Get help

Submit a web request

Call Centre Icon


1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440