Another data breach at Marriott

[PamMo]

Time to reset passwords.

Marriott says new data breach affects 5.2 million guests

Marriott says guests’ names, loyalty account information and other personal details may have been accessed in the second major data breach to hit the company in less than two years.Marriott said Tuesday approximately 5.2 million guests worldwide may have been affected. The information taken may have

ca.finance.yahoo.com

...Marriott said it noticed an unexpected amount of guest information was accessed at the end of February using the login credentials of two employees at a franchised property. The company said it believes the activity began in mid-January.

 

[SandyPGravel]

"Marriott said Tuesday it has informed guests of the new data breach."

5.2 million guests affected. Anyone here receive this notification?

 

[Fasttr]

Nope.

 

[GetawaysRus]

There are 2 news items about Marriott this morning. Gary Leff (aka View from the Wing) is usually a reliable source of info:

Marriott Data Breached Again: Personal Information From Over 5 Million More Accounts Compromised - View from the Wing

After disclosing one of the biggest data breaches in history at the end of 2018, Marriott is sharing another data breach - as if just to show that bad publicity, degraded customer trust, and massive fines alone can’t put Marriott and Bonvoy on the straight and narrow

viewfromthewing.com

Notice that the statement in the above link says passwords were not breached.

I like the second news item. This will make it easier to retain status:

Marriott Doubles The Elite Nights You Can Earn Via Credit Card - View from the Wing

While Marriott’s recent direction has been to clamp down on opportunities for earning elite nights via means other than hotel stays, such as removing the 10 elite nights per year just for holding a meeting, the hotel chain has just made one change to liberalize elite earning by credit card. As...

viewfromthewing.com

 

[jbeachlvr]

No, I didn’t receive anything.


Sent from my iPhone using Tapatalk

 

[sea&ski]

Sigh... what next? I just feel so dejected. Nothing really to add.

 

[BJRSanDiego]

I read on facebook that (1) Marriott will alert us, (2) that if our accounts were compromised that we won't be able to log in without 2 point authentication and (3) they aren't offering 2 point authentication to people who were not affected. So I tried to log on to marriott.com and I could do it without being prompted to add 2-point authentication.

 

[pedro47]

To the OP. Thanks for this update.
As of this posting we have not received any notice from Marriott’s.

 

[BobG7734]

Folks, remember that Marriott International is NOT Marriott Vacation Club International. They are two separate companies (split up several years ago) and operate independently, so all the talk about Marriott Int’l is not really relevant on this board and is a cause for confusion.

Just want everyone to know!

 

[Fasttr]

Folks, remember that Marriott International is NOT Marriott Vacation Club International. They are two separate companies (split up several years ago) and operate independently, so all the talk about Marriott Int’l is not really relevant on this board and is a cause for confusion.

Just want everyone to know!

Your point about MVC and Marriott Hotels being different companies is a good reminder, but since a large percentage of MVC owners are also likely to be Bonvoy account holders, stuff that happens to Marriott Int'l is certainly relevant.....at least it is to me.

 

[dioxide45]

Folks, remember that Marriott International is NOT Marriott Vacation Club International. They are two separate companies (split up several years ago) and operate independently, so all the talk about Marriott Int’l is not really relevant on this board and is a cause for confusion.

Just want everyone to know!

Many people who own and stay at vacation club properties are also likely to often stay at Marriott hotels. So I think this information is important to know.

 

[dioxide45]

What they will likely find is that this information was obtained through targeted phishing. Based on the indication that it was through credentials of two users at a hotel property, it is possible that these people mistakenly gave up their credentials by clicking through a link in an email.

 

[Old Hickory]

The article states that name, address, phone numbers, birthdays, and loyalty program links information. No passwords. No credit cards.

So it's pretty much what I can find on your profile on Facebook and other social media like this one.

 

[dioxide45]

The article states that name, address, phone numbers, birthdays, and loyalty program links information. No passwords. No credit cards.

So it's pretty much what I can find on your profile on Facebook and other social media like this one.

But they have it all in one place now, no need to fish for it all over the internet. They could use this information to try to impersonate you to try to steal your built up points. Don't know if email addresses were also stolen, but they could match it up with other Yahoo data breaches to gain access to your Bonvoy account.

 

[billymach4]

Dang... That's how those Robo-Callers got my number claiming that I won a Marriott Vacation! Rats!

Seriously. I have been getting those calls for over a year. Anyone else?

 

[alohakevin]

The article states that name, address, phone numbers, birthdays, and loyalty program links information. No passwords. No credit cards.

So it's pretty much what I can find on your profile on Facebook and other social media like this one.

“ The article states “ as in Marriott says? Color me skeptical.

 

[Old Hickory]

“ The article states “ as in Marriott says? Color me skeptical.

No. "The article states" as in Yahoo! News says. Nowhere in the article is a Marriott official used as a source.

 

[gln60]

No. "The article states" as in Yahoo! News says. Nowhere in the article is a Marriott official used as a source.

Great point..very very skeptical of Yahoo News reporting

 

[alohakevin]

No. "The article states" as in Yahoo! News says. Nowhere in the article is a Marriott official used as a source.

1. Compromised information may involve contact details, including postal and email addresses and phone numbers; information relating to customer loyalty accounts, but not passwords; personal details such as employers, gender and birth dates; partnerships and affiliations, such as details of linked airline loyalty programmes; and guest preferences, such as room preferences and languages.

This paragraph to me seemed to be in italics in the article inferring a quote. My assumption was a statement from Marriott.

2. Marriott says customers are being notified today if they were among those whose details were compromised (again).

This to me sounds like a statement from Marriott. Overall at this time I dont have a great deal of trust regarding Marriott or Yahoo news for that matter.. So here again color me skeptical.

 

[Steve Fatula]

These repeated breaches are going to make Marriott a prime target for those looking to capture such info, since, it will appear that security is weak I fear.

I certainly have not received any notice. That must mean they didn't get my info.

 

[chuckie50]

From Marriot's corp website here is the press release

Marriott International Notifies Guests of Property System Incident | Marriott International

The Investor Relations website contains information about Marriott International's business for stockholders, potential investors, and financial analysts.

marriott.gcs-web.com