Another year, another breach against Marriott.
In November 2018, Marriott suffered a massive data breach in which unknown cybercriminals hacked into one of its databases and stole a trove of data containing personal and sensitive details of more than 500 million customers. Now, Marriott has acknowledged that the hotel giant has been hacked AGAIN.
Yes, according to Marriott International’s incident notification published on March 31, 2020, the hack attack took place after two of its employees at an unknown franchise property had their login credentials compromised. The hackers used their credentials to steal personal details of more than 5.3 million guests between mid-January 2020 to the end of February 2020.
The stolen information included:
Contact Details (e.g., name, mailing address, email address, and phone number)
Loyalty Account Information (e.g., account number and points balance, but not passwords)
Additional Personal Details (e.g., company, gender, and birthday day and month)
Partnerships and Affiliations (e.g., linked airline loyalty programs and numbers)
Preferences (e.g., stay/room preferences and language preference)
The information not included in the breach includes:
National IDspassport informationDriver’s license numbersPayment card informationPasswords or PINs for Marriott Bonvoy (The loyalty program).
Although it is unclear how the login credentials of two employees were stolen it could be a result of phishing attack tricking both in giving away their details. Lately, cybercrime group Lazarus has been targeting business giants with phishing scams to steal personal details of key employees in the company to carry out further attacks.
See: Personal deta ..
Support the originator by clicking the read the rest link below.
