Marriott International confirmed a data breach on Tuesday, exposing guest’s and worker’s personal data and credit card information.
Marriott International confirmed a data breach on Tuesday, exposing guest’s and worker’s personal data and credit card information.
A Marriott spokesperson reported that it “is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer.” The access “only occurred for a short amount of time on one day. Marriott identified and investigated the incident before the threat actor contacted the company in an extortion attempt, which Marriott did not pay.”
The group claiming responsibility for the attack informed Databreaches.net that it stole around 20 gigabytes of data from an employee at the BWIAirport Marriott in Baltimore,, which comprised credit card information and confidential data about guests and workers
The attackers “emailed numerous employees” at Marriott about the breach, the site reported and had been in at least limited communications with Marriott.
The spokesperson said the company had notified law enforcement,
The Marriott spokesperson said the “incident did involve access to nearly 20 GB of files” and added that the “size of the files involved is not an indication of the content.”
Marriott told CyberScoop that most of the stolen data were “non-sensitive internal business files regarding the operation of the property.” The company told Databreaches.net that it would be notifying 300-400 people and regulators, as required, a figure the Marriott spokesperson confirmed late Tuesday to CyberScoop.
Marriott suffered a data breach in November 2018, exposing the personal data of 500 million guests.
In April 2020, Marriott suffered another breach impacting more than 5.2 million hotel guests.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?