Another data breach has been registered at Marriott International. The data breach has affected some 5.2 million hotel guests. This is the second such incident to affect Marriott in the past couple of years.
Marriott International 2020 data breach: What type of information has been exposed?
According to the official statement, the types of personal guest information includes names, addresses, employer and loyalty account numbers. It appears that the login credentials of two Marriott employees was abused to get access to the information. The incident was detected at the end of February.
The hotel giant currently has no reason to believe that the information involved included Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers, as per the official statement says.
In November 2018, Marriott’s network exposed its entire database consisting of 500 million guest bookings that had happened in the course four years.
Approximately 327 million of the guest bookings included an abundance of highly sensitive personal details: the customers’ name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.
Another batch of breached data for an unspecified number of customers included encrypted card numbers and expiration dates. The encryption used on these details, according to Marriott, was AES-128.