Published on : Wednesday, April 1, 2020
An unexpected amount of guest information was accessed through two employees’ login credentials between the period from mid-January of the year through the end of February.
The login credentials of the two individuals were disables in late February upon discovering the incident.
In the data breach contact details like mailing addresses and phone numbers, loyalty account information, personal details like birth dates, linked loyalty programs, and room preferences were the types of information accessed.
The company does not believe that the Marriott Bonvoy passwords, credit card information, passport information, or driver’s license numbers were accessed even though Marriott is still investigating the matter.
Tougher monitoring practices has been implemented by Marriott and has notified the authorities and is supporting those parties in their own investigations.
There is a portal for guests to get more information on the data breach and steps they can take to protect their information going forward.
The name of the app was however not mentioned by a Marriott spokesperson and there were no discussion on the underlying technology used at the company.
Work status of the two individuals was also declined whose login information was used in the data breach but reiterated the investigation was still on.