Marriott has confirmed a second data breach in three years — this time involving the personal information on 5.2 million guests.
The hotel giant said Tuesday it discovered in late February the breach of an unspecified property system at a franchise hotel. The hackers obtained the login details of two employees, a hotel statement said, and broke in weeks earlier during mid-January.
Marriott said it has “no reason” to believe payment data was stolen, but warned that names, addresses, phone numbers, loyalty member data, dates of birth and other travel information — such as linked airline loyalty numbers and room preferences — were taken in the breach.
Starwood, a subsidiary of Marriott, said in 2018 its central reservation system was hacked, exposing the personal data and guest records on 383 million guests. The data included five million unencrypted passport numbers and eight million credit card records.
It prompted a swift response from European authorities, which issued Marriott with a fine of $123 million in the wake of the breach.