Marriott International discloses a data breach that exposed the personal information of roughly 5.2 million hotel guests, the incident was detected at the end of February 2020.
“At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property. We believe this activity started in mid-January 2020.” reads the data breach notification published by the company. “Upon discovery, we confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests.”
The following information may have been involved:
The investigation is still ongoing, at the time Marriott confirmed that it is not aware of exposure of the information involved, such as Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers.
Guests could check whether they have been impacted by the security breach by visiting the online portal set up by the company.
The company also disabled and forced the reset of the passwords of Marriott Bonvoy members impacted in the incident, it also prompted to enable multi-factor authentication.
Marriott is notifying affected individuals and it is offering them free identity protection services for one year.
In November 2018, the company announced that hackers compromised guest reservation database at its subsidiary Starwood hotels and stolen personal details of about 500 million guests.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Marriott, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.