Marriott announces data breach

Some 5.2 million guests’ information may have been accessed

WORLDWIDE - Last week, Marriott International announced that some 5.2 million guests' information may have been accessed using the login credentials of two employees at a franchise property.

The company believed that this activity started in mid-January 2020. Upon discovery, Marriott confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests. Marriott also notified relevant authorities and is supporting their investigations.

It said in its statement: "Although Marriott's investigation is ongoing, the company currently has no reason to believe that the information involved included Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver's license numbers.

"At this point, the company believes that the following information may have been involved for up to approximately 5.2 million guests, although not all of this information was present for every guest involved:

• contact details (eg name, mailing address, email address, and phone number)
• loyalty account information (eg account number and points balance, but not passwords)
• additional personal details (eg company, gender, and birthday and month)
• partnerships and affiliations (eg linked airline loyalty programmes and numbers)
• preferences (eg stay/room preferences and language preference)."

Commenting on the data breach, Darktrace director of strategic threat, Mr Marcus Fowler, said: "The hospitality sector is already under immense strain, but cyber security needs to remain a priority even during this challenging moment.

"This breach should serve as a wake-up call to all in the hospitality sector - and other industries being negatively impacted by the pandemic - that they are still targets.

"Attackers won't wait to attack until business has stabilised, or until security and IT teams have completed the transition to remote work. Instead adversaries will look to use this uncertainty and upheaval to their advantage - striking while businesses are struggling to adapt."

Mr Fowler added that, besides the compromised information being used for email campaigns, the risks of business email compromise are exacerbated when employees are working remotely and are hungry to receive information from colleagues or updates from their company.

"Employees need to remain on high alert for targeted phishing campaigns and businesses need to find ways to support their security teams."

Darktrace's Cyber AI technology is used by over 3,000 organisations to protect against threats to the cloud, email, IoT, networks and industrial systems.