Marriott suffers another data breach

Marriott Hotels & Resorts has suffered another data breach, bringing the total to at least seven in the last decade.

The global hotel chain, fined £18.4 million by the Information Commissioner’s Office (ICO) following the most significant such incident in 2018, has seen threat actors steal 20GB of data from its servers.

Sources report that hackers had successfully used social engineering techniques to trick Marriott employees into providing access credentials to the company’s systems. The hackers reportedly had access to Marriott’s servers for less than 24 hours but were able to steal personal details of between 300 and 400 people, allegedly mainly belonging to ex-employees.

Hackers get in touch to disclose hack

The hack first came to light via the DataBreaches blog, which disclosed that the hackers – who DataBreaches are calling “GNN” (the group with no name) – had got in touch to disclose the breach.

According to DataBreaches, the hacking group was previously in touch with Marriott about the breach.

“We are the ones who organized this leak and they were communicating with us,” GNN’s spokesperson informed DataBreaches, adding, “We were acting like a RedHat organization and they just stopped communicating with us.”

For Marriott’s part, the company told DataBreaches that it was already aware of and was investigating the breach before GNN contacted them.

GNN told DataBreaches that it thought the likely reason Marriott ended communication was due to the high price it was demanding not to leak the data. Marriott has informed the relevant authorities of the breach and is supporting the investigation into what happened.

Marriott moves to quell fears of widespread breach

The breached server was at the BWI Airport Marriott in Maryland.

Speaking about those affected by the breach, a Marriott spokesperson told Engadget: “Their information was in archived files that were not detected by the scanning tool we use as part of our proactive security efforts to identify and remove sensitive data from devices.

“The incident only involved access to one associate’s device and documents on a connected file share server.

“The incident did not involve access to Marriott’s core network, the guest reservation system at the property or the payment processing system at the property.”

Image Credit: InvadingInvader, via Wikimedia Commons under CCA-SA 4.0 International (Licence).

Get in Touch

Fill in the form below to tell us your details, and we’ll get started.