Firstly, we have to assume ‘global’ means Australians and New Zealanders are caught up in this.
Second, ‘passport’ information may imply this is either an event that relates to an overseas hotel booking or the default data collected on its online system is ‘passport’ or they also mean other credentials like driver licences as well (we have not had this confirmed).
Third, Marriott has been emailing customers on the email address exposed, which does present a big ‘phishing’ risk people should be aware of. The Sophos Naked Security post reveals what to look for here.
Finally, like all big international data breach events there doesn’t seem to be dedicated information for Australians and New Zealanders (yet). Our passports may not expire for ten years! Last month passports were on par with driver licences as the most frequent credential stolen and misused by Identity thieves impacting our community. Around 11% of our clients that experienced a data breach then experienced further identity theft - namely unauthorised bank account access and new credit applications (such as credit card applications). Typically these would not be picked up by ‘online monitoring’ services.
IDCARE recommends requesting free copies of your credit report (check out our ‘Learning Centre’). In Australia and New Zealand we have three different credit reports (also called files) and private sector organisations that provide these. In fact if you’ve lived in Tasmania and mainland Australia you may have four! It can take up to ten business days to get the free copies. You’re looking for enquiries made about your credit history that you cannot explain. Our Fact Sheets go through these and how to go about applying for your free ones. If it is Passport data, then the only saving grace to this high risk credential is that the number changes when a new one is issued. Driver licences, another high risk credential, typically do not.
And what is the dating industry doing to stop these financial predators.Read more...