5 Things You Need to Do Following the Marriott and Quora Data Breaches

Two big data breaches are in the news this week. Marriott announced that approximately 500 million customer records may have been breached and Quora announced that user data of 100 million accounts may have been compromised.

Here are 5 things you should do if you think you may be a victim:

1. Be on the lookout for phishing emails.

When data breaches of this magnitude happen, it opens the door for hackers to take advantage of your worry by sending you phishing emails asking you to change your password, sign-in to monitor your activity or some other call to action to gain your information.

If you receive an email notifying you of the breach, it is best practice to go directly to the website to change your password instead of using the link provided in the message.

2. Change your passwords

Whenever a breach happens, you should always change your passwords. Protect yourself by using unique passwords for different online accounts. If you don’t use different passwords for all of your accounts, you should use this as an opportunity to do so.

Instead of using short, complex, and hard to remember passcodes, use passphrases such as BillsWifeSarah or Mycatsginger that are at least 8 characters in length and are not commonly used (e.g. password).

3. Turn on two-factor authentication

Enable two-factor authentication on all your online accounts and devices, whenever possible. So instead of just entering your password, you would enter a combination of 2 things, such as your password plus a one-time password or PIN received over text message.

4. Take steps to protect your credit

Check your credit reports for free with Equifax, Experian and TransUnion by visiting www.annualcreditreport.com. Review your payment card statements for charges you don’t recognize. Place a fraud alert on your credit files so creditors verify that anyone seeking credit in your name is really you. Or you can request a free credit freeze on your accounts to block someone from opening new accounts in your name.

5. Stay Informed

Marriot and Quora are regularly updating and providing support to potential victims.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

FFIEC CAT to the CRI Cyber Profile 2.0

Why Some Financial Institutions Are Transitioning from FFIEC CAT to the CRI Cyber Profile 2.0

While the FFIEC does not endorse any specific tool, many financial institutions have started adopting the Cyber Risk Institute’s (CRI) Cyber Profile 2.0 …
GLBA Risk Assessments

GLBA Risk Assessments: A Key 1st Step in GLBA Compliance

The GLBA risk assessment is an organization’s starting point for GLBA compliance. We break it all down in this GLBA risk assessment overview …
Web Application Penetration Testing Services

Common Issues in Web Application Penetration Testing Services

Web applications are now ripe targets for hackers. Here we take a look at a few hacker attacks on web applications & how penetration testing services are critical …