Approximately 5.2 million guest information has been leaked in another Marriott Hotel data breach that was announced last Tuesday, 31st March 2020.
In an online statement released by the hotel giant last February 2020, they have identified a data breach wherein millions of hotel guests’ information was accessed using security credentials from two of their employees at a franchise property. Marriott also added that the breach may have started around mid-January 2020.
Just moments after the discovery, Marriott immediately disabled the employees’ login credentials, implemented heightened monitoring, arranged resources to inform and assist their guests, and immediately begun their in-depth investigation on this breach.
Marriott has confirmed that the leaked data contained personal and sensitive information such as contact details, loyalty account info, company, gender, birth date, partnership, affiliations, and even guests’ language preferences.
Marriott believes that the leaked information may have involved approximately 5.2 million hotel guests.
Though this breach exposed the hotel’s massive number of guests’ personal information, the hotel giant believes that it did not involve Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers.
Marriott has sent out emails to their guests regarding the leak using their standard email address firstname.lastname@example.org they have also set up a Self Service portal for the guests to determine if their information was involved in the incident and dedicated call center resources from different locations.
The hotel chain has offered the affected guests a complimentary 1-year personal monitoring service from IdentityWorks that will be provided by Experian, a global data and information services provider.
This has been the second Marriott Hotel data breach after the same chain was targeted in one of the most significant data breaches in history where attackers were able to acquire around 500 million of their guests’ data back in November 2018.
For more information about this recent breach, kindly access https://mysupport.marriott.com/.
iZOOlogic is at the forefront of monitoring alerts on these types of data breaches. It is our commitment to our client-base to ensure that we look out for dark web activities that may target them and their customers through suspected malicious actions.
Every massive data breach should be approached with diligence because public exposure of Personally Identifiable Information on a large scale is a good starting point for social engineering schemes leading to phishing attacks.