Marriott Data Breach, 5.2 Million Customers Affected
Marriott announced another data breach today, affecting about 5.2 million customers. That is an improvement actually, compared to the last one from November 2018, when 100 times more customers had their data compromised. So I’m guessing their IT crew is getting better at this.
Hotels operated and franchised under Marriott’s brands use an application to help provide services to guests at hotels. At the end of February 2020, an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property. This activity might have been going on since mid-January 2020. Upon discovery these login credentials were disabled Marriott says, and immediately the company began an investigation.
Marriott says they have no reason to believe that the information involved included Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers. But the following information might have been fallen in the wrong hands:
- Contact Details (e.g., name, mailing address, email address, and phone number)
- Loyalty Account Information (e.g., account number and points balance, but not passwords)
- Additional Personal Details (e.g., company, gender, and birthday day and month)
- Partnerships and Affiliations (e.g., linked airline loyalty programs and numbers)
- Preferences (e.g., stay/room preferences and language preference)
- Ensure that you enroll by June 30, 2020 (your code will not work after this date.)
- Visit the Experian IdentityWorks website to enroll:
- Provide your activation code:
- US Residents: To be provided in the email notice or self-service portal communication
- Non-US Residents: To be provided in the email notice or self-service portal communication
A credit card is not required for enrollment in Experian IdentityWorks.