06 Dec Security Experts Compensate for Marriott’s Inadequate Breach Response
A number of security experts are reportedly voicing their concern over Marriott’s severely inadequate response to its recent data breach, and some have already taken measures to compensate for the hotel chain’s lackluster reaction to the incident.
The hotel company reportedly sent customers a notification email from “email-marriott.com,” which is registered to a third party firm, CSC. However, there was little else to indicate that email was at all legitimate, as the domain does not even load or have an identifying HTTPS certificate.
Rendition InfoSec’s Jake Williams said that he has already registered several domains that hackers may use for cybersquatting to scam breach victims. Likewise, FireEye’s Nick Carr said that he registered the similarly named “email-mariott.com” on the day of the Marriott breach and warned users not to be confused and to always be careful of where they click.