Marriott International hit by data breach - comments from Netwrix
It has been revealed that Marriott International has been hit by its second data breach in two years. According to Marriott, at the end of February 2020, an unexpected amount of guest information was accessed using the login credentials of two employees at a franchise property.
Matt Middleton-Leal, Netwrix’s General Manager EMEA & APAC, has provided the following statement in response:
“At the time of its last reported data breach incident in 2018, it took Marriott three months to identify which customers had actually been affected. It seems, looking at this latest breach, that the organisation hasn’t been able to gain visibility into the data it holds as a company and which its franchisees have access to. Credential compromise is a common root cause of data breaches, and poses a particular risk during the current climate, as hackers are trying to leverage the Coronavirus infodemic to launch phishing attacks. However, compared to Marriott’s 2018 data breach, this latest incident does appear to be a drop in the ocean, despite the fact it has affected those signed up to Marriott’s loyalty scheme, the cornerstone of many hospitality businesses. Indeed, the Marriott Bonvoy™ Loyalty Programme members include those who use Marriott services regularly, meaning that the hotel chain could have collected a significant amount of data regarding consumer behaviour, which may now be compromised. This means that the hackers could now have enough data on individuals to launch more sophisticated and targeted phishing attacks.
“In the future, it is crucial that Marriott updates its data security to avoid being hit by a further breach. All organisations must understand exactly what data they have, where it is stored and monitor the access to it. Now that everyone is working from home, cyber security teams need to pay attention to unusual spikes in data access, so they can discover a security incident early and prevent data from leaking. For Marriott and other businesses entrusted with sensitive data, it is crucial that advanced monitoring systems are in place going forward. This type of system can enable the detection of mass data access, meaning as a company, it could have acted on an earlier warning for this type of breach.”