A Marriott International franchise property may have been the source of a data leak that compromised information on up to 5.2 million hotel guests The breach involved the login credentials belonging to two employees; the incident happened in mid-January and was discovered by Marriott in late February 2020. The intruder’s access has since been disabled.

The latest breach

The security breach was discovered when Marriott found that ‘an unexpected amount of guest information may have been accessed’ using the two aforementioned compromised employee credentials. Those logins have since been disabled and the company has been investigating the security breach, as well as increasing its monitoring

If there’s an element of good news regarding this latest Marriott data breach, it’s that for now, at least, ‘the company currently has no reason to believe’ that certain vital guest details were accessed, including things like driver’s license numbers, bank card info, PINs, passport data, or national ID information. Certain sensitive details were potentially exposed, however.

Going forward

Security breach involved things like gender, birth dates, work company, loyalty account points and numbers, email addresses, phone numbers, mailing addresses, and names.

Not the first time

This isn’t the first time Marriott has faced a large security breach. In early 2019, for example, the company revealed that up to five million unencrypted passport numbers belonging to hotel guests had been exposed by its system. That breach involved the Starwood reservation system and impacted up to 383 million guests who stayed at one of the properties before September 11, 2018.