Marriott International, a hotel group, has confirmed a data hack with hackers claiming to have stolen 20 gigabytes of sensitive data.
A hacking group is said to have tricked an employee at a Marriott hotel in Maryland into giving them access to their computer in June.
Marriott is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into giving access to the associate's computer. The threat actor did not get into Marriott's core network.
Marriott said it identified and investigated the incident before the threat actor contacted the company in an attempt to extort money.
The stolen data includes guests credit card information and confidential information about both guests and employees, according to the group. The data provided to Databreaches.net purports to show reservation logs for airline crew members from January 2022 and names and other details of guests, as well as credit card information used to make booking
The data accessed was mostly non-sensitive internal business files regarding the operation of the property according to Marriott.
The company has already notified law enforcement agencies of the incident.
This isn't the first time Marriott has been the victim of a data hack. The U.K.'s Information Commissioner's Office fined the hotel chain more than twenty million dollars after it was discovered that it had been hacked in the past. Around 5 million guests were affected by Marriott's hack in January 2020.
The company declined to answer the question about the protections it has in place.
Stop saying, ‘We take your privacy and security seriously’
All Rights Reserved © 2024
