Most recent Marriott hack potentially affects 5m customers

Guest information was accessed by hackers through a Marriott franchise property system.

Marriott International was the target of another hack. (Picture: Felix Doering)

Guest information was accessed by hackers through a Marriott franchise property system.

Marriott International recently had to alert its customers to an invasion of information following a data breach involving a guest service application. We take a look at what happened and how Marriott is dealing with the breach.

Data breach at Marriott

At the end of March, hotel giants Marriott released a statement saying that there had been a breach of its data, where over 5m of the group’s customers may have had their information accessed by hackers. The hack was performed via a customer service application used in hotels operated and franchised by Marriott, and the press release about the incident stated that, “At the end of February 2020, the company identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property.” Marriott says that, although the number of customers vulnerable to this breach was significant, no Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers were accessed in the hack.

Cause and effect

As soon as Marriott was aware of this activity, the employee accounts were disabled and an investigation into the incident was launched. What the group gleaned from this investigation was that the following information for about 5.2m customers had been accessed:

Contact details

  • Loyalty account information – account number and points balance, but not passwords
  • Personal details – company, gender, birthday
  • Partnerships and affiliations – linked airline loyalty programs and numbers
  • Preferences – stay/room preferences and language preference

Marriott has been in contact via email with any guests whose information may have potentially been accessed, and has set up a dedicated website and call centre where customers can find information and support in the matter. Marriott is insured against cyber attacks, and is working on getting its insurers to assess the damage. While significant, this incident pales in comparison to the November 2018 hack, where 400m customers’ information was exposed to a data breach. No doubt Marriott’s ability to effectively deal with this hack will be compromised by the current and ongoing Covid19 crisis, and the group’s share price has also taken a hit, with shares down 7% on April 1st.

Marriott International is based in Bethesda, Maryland and encompasses a portfolio of more than 7,000 properties around the world.

Found this data interesting?

Start a free trial of THP’s database with over 8,500 hotel projects and key contact details.

Related Articles

Hyatt builds all-inclusive portfolio

A new partnership with Spanish owner operator Grupo Pinero will see Hyatt increase its all-inclusive resort lineup by around 30%...

Assets Group developing Seychelles resort

Assets Group is spearheading a project in the Seychelles, due to open in 2027...

Marriott celebrates sixtieth St Regis

Marriott's luxury St Regis brand is celebrating the opening of its 60th site, in Shanghai, China - but already the next milestone is in sight...

Newsletter

You are currently viewing a placeholder content from Default. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information