Hackers have apparently accessed the data records and the logins of two employees of the hotel chain, said Marriott in a press release. The violation started in mid January 2020 and was discovered in late February. Marriott initially did not provide information about which hotel chains, regions and periods the data came from. The affected guests were currently informed. “At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property,” Marriott said in a statement.
US Authorities Suspect Chinese Hackers Behind The Attack
According to its own statements at the end of February, Marriott noticed that an unusually large amount of customer data had been accessed – the accounts of two employees at a franchise partner. This activity started 2 months ago. It is the third time in a year that Marriott data is being skimmed off. Attackers captured data from up to 400 million guest entries due to a security vulnerability at the subsidiary, including more than five million unencrypted passport numbers. US authorities suspect Chinese hackers behind the attack and point out that such data could be of interest to intelligence agencies, among others. Last year it was announced that unknown names and addresses of over 1,000 employees could be skimmed.
Two-Step Verification To Log Into The Marriott Account
If your account is affected by a data protection violation, you should also be asked to set up a two-step verification when you log into your Marriott account. However, all Marriott members should regularly check their membership accounts for fraudulent activity. In order to protect yourself from cyber or computer crime, it is generally advisable to renew passwords from time to time. You should pay attention to security enhancing features. A successful combination of lower and upper case, together with digits and possibly also special characters can significantly improve security.
The Security Vulnerability Could Cost The Company Millions
Marriott should have better shielded its systems against attacks. However, the amount of the fine has not yet been determined, Marriot still has time to comment on the allegations. The renewed data theft does not shed any good light on the hotel chain.