The New York Times is reporting that Marriott International is “conceding” that 5 million passport numbers were unencrypted (stored in plain text) and were stolen by hackers in the Marriott data breach. Specifically, the 5 million passport numbers belong to guests who stayed at Starwood hotels, a division of Marriott International.
According to the article, passport numbers can be used to track the movement of people across borders. If other hotel chains or airlines are breached, passport numbers can be correlated and a map of movements can be built:
What made the Starwood attack different was the presence of passport numbers, which could make it far easier for an intelligence service to track people who cross borders.
This is why it’s important not only to encrypt stored data but also to store as little of it as needed, for as short a time as possible. For example, companies should not store credit card numbers at all. Order information is another example: it is useful, especially when tax season comes around, but it does not need to be kept in an unencrypted, plain-text state. At a minimum it should be stored on an encrypted disk.
Fortunately, Marriott says that the Starwood reservation system did encrypt at least 20 million passport numbers:
Marriott said for the first time that 5.25 million passport numbers were kept in the Starwood system in plain, unencrypted data files — meaning they were easily read by anyone inside the reservation system. An additional 20.3 million passport numbers were kept in encrypted files, which would require a master encryption key to read.
This was the right approach! It is strange that they didn’t take the same approach for the other 5 million passport numbers.
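As an added example (not from the post, the NYT article or Marriott’s systems), here is how the two practices above can be put together in Go: passport numbers are stored only as AES-256-GCM ciphertext that needs a master key to read, each ciphertext is bound to its reservation so records cannot be mixed, and the field is purged once a retention window after checkout has passed. The record layout, the key source and the retention period are assumptions for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"time"
)

// Reservation is a guest record; only the passport number is sensitive.
type Reservation struct {
	ID         string    // stays in the clear for lookups; also bound into the ciphertext
	CheckoutAt time.Time // drives the retention purge below
	Passport   []byte    // nonce || AES-256-GCM ciphertext, nil once purged
}

// NewAEAD builds AES-256-GCM from a 32-byte master key held apart from the records (assumed: a KMS or HSM).
func NewAEAD(masterKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals a passport number with the reservation ID as additional authenticated data.
func Encrypt(aead cipher.AEAD, reservationID, passport string) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err // fail closed: never fall back to storing plaintext
	}
	return aead.Seal(nonce, nonce, []byte(passport), []byte(reservationID)), nil
}

// Decrypt needs the master key and the matching ID; a ciphertext moved to another record will not open.
func Decrypt(aead cipher.AEAD, reservationID string, sealed []byte) (string, error) {
	if ns := aead.NonceSize(); len(sealed) >= ns {
		pt, err := aead.Open(nil, sealed[:ns], sealed[ns:], []byte(reservationID))
		return string(pt), err
	}
	return "", errors.New("ciphertext too short")
}

// Purge drops the passport ciphertext once the retention window after checkout has passed.
func (r *Reservation) Purge(now time.Time, retention time.Duration) {
	if now.Sub(r.CheckoutAt) > retention {
		r.Passport = nil
	}
}
```

A breach of the database alone then yields ciphertext for current guests only; reading it still requires the separately held master key, which is the property the article attributes to the 20.3 million encrypted records.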