marriott sign

Marriott Discloses Second Security Breach, Affecting Millions, In Two Years

The hack took place through Marriott Bonvoy, the company's loyalty app, and affected up to 5.2 million guests.

Disclosing its second major security breach in the past two years, the international hotel chain Marriott announced on Tuesday that a hacker had accessed data affecting up to 5.2 million guests who used Marriott Bonvoy, the company’s loyalty app.

Marriott said the hack first began in mid-February but company officials did not become aware until the end of February. A breach notification published on Marriott’s website details how a hacker used login credentials of two employees at a Marriott property to access customer information from the Bonvoy database.

“Upon discovery, we confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests,” the breach notification reads.

While the company investigation remains ongoing, Marriott has not found evidence that the hacker accessed account passwords, payment card information, passport information, national ID numbers or driver’s license numbers. The exposed information did include the following:

  • Contact details (e.g., name, mailing address, email address, and phone number)
  • Loyalty account information (e.g., account number and points balance, but not passwords)
  • Additional personal details (e.g., company, gender, and birthday day and month)
  • Partnerships and affiliations (e.g., linked airline loyalty programs and numbers)
  • Preferences (e.g., stay/room preferences and language preference)

Not all of this information was entered for each guest, the company said. Guests involved in the breach were notified by Marriott on Tuesday, and the chain has also set up a self-service online portal for guests to identify if their information was involved in the breach. Affected individuals can also see what categories of information were part of the breach.

Paul Bischoff, a privacy advocate with the tech research and consumer website Comparitech, said that the biggest threat facing Marriott customers in the recent breach is “targeted phishing.”

“Guests should be on the lookout for targeted messages from scammers posing as Marriott or a related company,” Bischoff said. “Don't click on links or attachments in unsolicited emails. Check email addresses and don't just trust display names. If you're uncertain as to whether a message is legitimate or not, ask Marriott using contact information found through Google.”

Back in November 2018, Marriott also disclosed that hackers had accessed personal details of an estimated 500 million guests worldwide through the Starwood Hotels reservation system it had acquired. While the company has since lowered the total to 383 million, Marriott has faced penalties in the U.K. for lax cybersecurity practices. Chinese hackers are suspected in that case.

Andrew Hollister, the director of LogRhythm Labs, noted that there are some positives to draw from Marriott’s disclosure on Tuesday, particularly in the company’s response time to the breach.

“In the previous incident in 2018, Marriott detected signs of unauthorized activity going back four years,” Hollister said. “In this new case, the activity appears to have begun in January 2020 and been detected during the course of February 2020. This is a significant improvement in time to detect and respond to a data breach.”

He added: “This latest data breach just goes to show that continuing vigilance is required to keep reducing the time to detect and respond to threats, and that real reductions in impact can be made with focus on this issue which affects every company on the globe which holds personal information.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3