Marriott just confirmed it was hit by another data breach — what you need to know
Cybercriminals used social engineering to steal customer and employee data from Marriott
Marriott International has confirmed that the popular hotel chain has fallen victim to yet another data breach in which an unnamed group of cybercriminals managed to steal 20GB of files from the company.
As first reported by DataBreaches, the group reached out to the publication to provide them with a sample of documents stolen in the breach including reservation logs for airline crew members and credit card authorization forms. While news of the breach is just being reported now, it actually occurred around a month ago.
Instead of hacking into the hotel chain’s systems, the group employed social engineering to trick an associate at BWI Airport Marriott in Maryland into giving them access to their work computer.
All told, the cybercriminals managed to steal credit card details and personally identifiable information (PIA) on guests and Marriott employees.
Failed ransom attempt
After stealing 20GB of data from Marriott, the cybercriminal group tried to contact the company numerous times. While they were initially in talks, the hotel chain suddenly stopped emailing them, according to a statement they provided to DataBreaches.
“We are the ones who organized this leak and they were communicating with us. We were acting like a RedHat organization and they just stopped communicating with us,” the statement read.
Although the group claimed to be acting as red hat hackers who don’t launch cyberattacks for their own gain, they did demand a ransom payment from Marriott not to release its stolen data. While the amount the cybercriminals asked for wasn’t disclosed, they did tell DataBreaches the price was rather high. In the end, Marriott didn’t end up paying the ransom which is also the right course of action when infected with ransomware.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!
As such, we could see some of the information obtained in the data breach either leaked online or put up for sale on dark web hacking forums in the future.
What to do after a data breach
According to a report from CyberScoop, Marriott said that most of the stolen data was “non-sensitive internal business files” regarding the operation of the firm’s hotel next to BWI airport.
A Marriott spokesperson provided further details on the matter in a statement to Tom’s Guide, saying, “Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer. The threat actor did not gain access to Marriott’s core network."
"Our investigation determined that the information accessed primarily contained non-sensitive internal business files regarding the operation of the property," the Marriott statement continues. "The incident was contained to a short period of time. Marriott identified and was investigating the incident before the threat actor contacted the company in an extortion attempt, which Marriott did not pay. The company is preparing to notify 300-400 individuals regarding the incident. Marriott has also notified law enforcement and is supporting their investigation.”
If your personal information has been exposed in a data breach, then investing in one of the best identity theft protection services is a good idea, as such services can help you recover your identity if it’s stolen. Companies that fall victim to data breaches often make these services available to affected customers for free. Likewise, you can also use HaveIBeenPwned to see whether or not your email, passwords and other information are available online.
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.