Marriot says the hack dated back to mid-January but did not disclose additional details about how it happened. The hotel chain said that the intruder(s) had direct access to Marriott Bonvoy loyalty data such as:
- Contact details (e.g., name, mailing address, email address, and phone number)
- Loyalty Account Information (e.g., account number and points balance, but not passwords)
- Additional Personal Details (e.g., company, gender, and birthday day and month)
- Partnerships and Affiliations (e.g., linked airline loyalty programs and numbers)
- Preferences (e.g., stay/room preferences and language preference)
- The hotel said that at this moment in the investigation, it did not believe that the hacker did not gain access to account passwords, account PINs, payment card information, passport information, national IDs, or driver's license numbers.
Marriott launched a web portal for Bonvoy app users to check if they're one of the 5.2 million users impacted by the security breach, and what data the hacker might have accessed.
This is the second security breach Marriott disclosed in the past 16 months. In November 2019, Marriott said that hackers gained access to the Starwood Hotels reservation system, from where they stole the personal details of more than 383 million hotel guests (revised from the initial figure of 500 million). See our post-mortem coverage, here. US authorities said they suspected Chinese hackers of being behind the breach, but only put out a statement, but no official charges.
0 comments:
Post a Comment