Joining recent news on security breaches like Zoom, MGM Grand, and the Carnival Cruise line, is Marriott Hotels. Today, Marriott announced that approximately 5.2 million guest names, personal detail, email, addresses, loyalty accounts, and hotel preferences were disclosed in February. The company said they are not aware of any credit card or account passwords being exposed. An ongoing investigation is active.
The breach occurred when two employee’s passwords were compromised, which allowed the hacker to access “internal” systems and data accessed by employees. The depth of this threat is dependent on Marriott’s system designs, data and network separation and how Marriott manages internal access controls. Fortunately, and unfortunately, we hope Marriott implemented many controls after the 2018 Starwood data breach, Marriott having acquired Starwoods. So was it just the reservation system that the hackers were able to access? Stay tuned…
If you’re impacted or think you’re impacted, Marriott sent an email Tuesday to affected customers from firstname.lastname@example.org and set up a dedicated website where customers can submit a request to check to see if their information was involved in the data breach.
If you have any questions or information related to this article, please leave us a comment below.
See additional references: