Marriott International is investigating a data breach that the
company estimates may have impacted up to 5.2 million customers.
The breach, which was discovered at the end of February,
involved “a property system” that is used to “help provide services to guests
at hotels,” according to a statement from Marriott. The data is believed to
have been exposed since mid-January.
When asked why it took Marriott a month to go public with
the breach, the company said, “We are still investigating the incident. We identified that an unexpected amount of guest information
may have been accessed using the login credentials of two employees at a
franchise property. We have several policies and controls in place related to
the relevant property application. Marriott remains committed to further
strengthening its protections to detect and remediate incidents such as this in
the future.”
While an investigation is ongoing, Marriott reports that
stolen data could include contact details such as name, mailing address, email
address and phone numbers; loyalty account information; personal details,
including company, gender and birth date; linked airline loyalty programs and
numbers; and room and language preferences. The company said it has “no reason
to believe” information like Marriott Bonvoy account passwords or PINs, payment
card information, passport information, national IDs or driver’s license
numbers has been exposed.
Marriott is sending email alerts to customers affected by the
breach and has established a website
and call center. The company will also offer guests complimentary enrollment in
a personal information monitoring service.
The incident follows a 2018 security breach of Marriott’s
Starwood network, which was ultimately found to have exposed as many as 383 million guest
records, including names, mailing addresses, phone numbers, email addresses,
passport numbers and payment card numbers.
Source: Read Full Article