Marriott International discloses a data breach that exposed the personal information of roughly 5.2 million hotel guests, the incident was detected at the end of February 2020.
“At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property. We believe this activity started in mid-January 2020.” reads the data breach notification published by the company. “Upon discovery, we confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests.”
The following information may have been involved:
Guests could check whether they have been impacted by the security breach by visiting the online portal set up by the company.
The company also disabled and forced the reset of the passwords of Marriott Bonvoy members impacted in the incident, it also prompted to enable multi-factor authentication.
Marriott is notifying affected individuals and it is offering them free identity protection services for one year.
In November 2018, the company announced that hackers compromised guest reservation database at its subsidiary Starwood hotels and stolen