Found a data breach yet, IT expert?

No, as an IT expert, we don't begrudge you a data leak within your company, but finding them seems to be the sport at the moment.

As if it were an end-of-year contest to see who can discover the biggest leak. Reports are tumbling over one another. For example, RTL Nederland recently reported that criminals had hacked 32,000 accounts of services such as Videoland, Buienradar and RTL News. Unwanted visitors at Dell also appeared to have had access to user accounts. En passant, cab service Uber in the Netherlands was fined 6 tons by the Personal Data Authority for buying off hackers in a 2016 data theft and failing to report the leak. By the way, the unfortunate winner of 2018 is already known, as last week the Marriott International Hotelgroup reported the second-largest data breach ever.

The IT expert and the year of privacy and data protection

Among other things, 2018 was the year of privacy. In May, the AVG went into effect. Or rather, as of that date, it is enforced and, as an organization, you must have your data security in order. This does not mean that you can never encounter a data theft - it remains a kind of technical arms race, of course - but it does mean that you must be able to demonstrate that you have done everything possible to prevent problems. You must also be able to indicate, if asked, what data you hold and be able to delete the data immediately upon request. After all, the customer has the right to be forgotten. Many an IT expert has been working on this over the past year. It often goes well, but not always as the Marriott case illustrates yet again.

The Marriott Hotel hack

At the Marriott group, hackers appear to have been accessing a database of customer data at subsidiary Starwood since 2014. Curiously, Starwood was incorporated by Marriott in 2015, at which time it was already known that the company had been the victim of a credit card hack the previous year, among other things. Yet it seems it wasn't until last September that alarm bells went off again. That's when an IT security system signaled that people were trying to enter IT systems illegally. It then took until Nov. 19 for IT experts to figure out that it involved the database of the Starwood reservation system and related hotel chains Sheraton, Westin and Meridian.

Hackers were found to have been in since 2014, copying data on about 327 million Marriott guests. Including names, contact information, passport information, reservations and sometimes even credit card data. The credit card data is secured with the usual encryption standard AES-128, but the hotel giant is not ruling out the possibility that the burglars also possessed both encryption keys. For the IT expert, an ex exciting story citing story that will, of course, be followed up extensively. With undoubtedly a huge fine for the hotel giant.

Plenty of challenges for the IT expert

Not every IT expert deals with data security. But what is true for all IT experts is that their work always matters and is challenging. Are you an IT expert looking for a new exciting challenge at the end of the year? In the field of data security or something completely different? Be sure to check out the latest assignments at Striive. And apply immediately.