Hilton Hotels Database Hacked

Hilton Hotels has been hacked! Well, technically the database of names and emails used for marketing was hacked. According to the email communication below, Epsilon had an unauthorized access to its systems a few days ago.  Hilton joins a group of large companies that had marketing data compromised.  While it is true that email phishing is the biggest risk for us victims, I wonder what other information Epsilon has about us? 

The Epsilon press-release indicates:

A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.

Ok, thanks so much for the specificity.

According to Epsilon, the total amount of customers affected was only about 2% of their customer base. That may sound like a small number, but that is just too many. Imagine a whole warehouse worth of paper being stolen – its unreal how quickly our virtual self can be compromised.  This results from a public not being fully engaged with asking where their personal data goes. You know those credit card notifications received in the mail about information disclosures? Who reads those?  Upon receiving healthcare, do people actually read the HIPPA privacy statement they are given? Better yet, who even knows about HIPPA privacy rights besides healthcare professionals?

Now is the time to pay attention and learn everything possible about personal data given out to third-party companies Our lives are becoming more like the movie “Surrogates” where the virtual self is more real that the physical self.  If we do not guard our virtual lives, then who else will do it? Whoever guards us, owns us.

Dear Customer:

We were notified by our database marketing vendor, Epsilon, that we are among a group of companies affected by a data breach. How will this affect you? The company was advised by Epsilon that the files accessed did not include any customer financial information, and Epsilon has stressed that the only information accessed was names and e-mail addresses. The most likely impact, if any, would be receipt of unwanted e-mails. We are not aware at this time of any unsolicited e-mails (spam) that are related, but as a precaution, we want to remind you of a couple of tips that should always be followed:
• Do not open e-mails from senders you do not know
• Do not share personal information via e-mail
Hilton Worldwide, its brands and loyalty program will never ask you to e-mail personal information such as credit card numbers or social security numbers. You should be cautious of "phishing" e-mails, where the sender tries to trick the recipient into disclosing confidential or personal information. If you receive such a request, it did not come from Hilton Worldwide, its brands or its loyalty program. If you receive this type of request you should not respond to it but rather notify us at fraud_alert@hilton.com.
As always, we greatly value your business and loyalty, and take this matter very seriously. Data privacy is a critical focus for us, and we will continue to work to ensure that all appropriate measures are taken to protect your personal information from unauthorized access.

Jeffrey Diskin
Senior Vice President, Customer Marketing
Hilton Worldwide

Comments closed