Amidst everything that is going on, scams and hacks have risen steadily since the onset of the coronavirus pandemic – but this doesn’t only apply to individuals targeted by scam campaigns, but also entire organizations. On March 31st, Marriott International released a statement that they suffered a data breach impacting up to 5.2 million individuals. Keep reading for everything you need to know about this.
In their statement, the hotel chain claimed that the breach happened through an application they used to help provide services to guests at hotels. Around mid-January 2020, the login credentials of two employees were used to gain access to the guest information found on the app.
What Data Was Accessed
According to Marriott, they believe a wide variety of information may have been readily available for access, though not all of the information had been present for every guest involved:
- Contact Details (e.g. name, mailing address, email address, and phone number)
- Loyalty Account Information (e.g. account number and points balance, but not passwords)
- Additional Personal Details (e.g. company, gender, and birthday day and month)
- Partnerships and Affiliations (e.g. linked airline loyalty programs and numbers)
- Preferences (e.g. stay/room preferences and language preference)
Although all this information was available on the app, Marriott confirms that no details surrounding Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers, were compromised during the breach.
What Are They Doing
Marriott sent out an email on March 31st 2020 to all guests involved in the incident – however they have implemented other methods to make sure that their guests aren’t at further risk:
- Marriott has set up a self-service online portal for guests to determine whether their information had been compromised in the breach and exactly what information had been involved. You can access the portal here.
- If your information was involved in the breach, Marriott has disabled your password and you will be prompted to reset it next time you sign in.
- Especially during a time like this, it’s best to stay alert for scams. Marriot states that it will only contact you via their email (firstname.lastname@example.org), and their email won’t contain any attachments or any prompts for further information. Don’t open any attachments, click on any links. And if you notice further suspicious activity you can contact Marriot by heading directly to the official breach website or calling the official call center numbers.
This isn’t the first time that Marriott International has suffered a breach like this. Back in 2018, Marriott had a data breach which compromised the information of up to 500 million guests who had stayed at Marriott hotels.
To stay on top of any sort of malicious data breaches or scams, we recommend upping your computer security with a solid antivirus. For our customers, we provide a discount for McAfee Antivirus, ensuring that all your personal information and data is kept to yourself, without fear of prying eyes. With hacks and scams like this on the rise, it’s always to keep yourself protected!