On Tuesday, the Marriott Corporation suffered a second breach exposing data of 5.2 million hotel guests. The first breach occurred on May 19th and exposed data on hotel rooms, credit card information, and social security numbers. In this new breach, the Marriott website was breached by hackers that accessing the login information and password reset links for customers of the chain’s several hundred locations. Additionally, the breach is believed to have been conducted by an employee of the company.
How its happen?
Marriott hasn’t released details about how the hackers accessed the information of its hotel guests, but in the previous incident they said the attackers were able to access certain areas of the hotel’s servers through a vulnerability in the company’s firewall. However, according to some analysts, such a move could only have been made by a highly-skilled computer hacker. The fact that the hackers used a simple Internet browser (such as Firefox) to access the site makes this even more improbable. Also, the hackers’ access to the login and password reset link links used by the Marriott site is less than an hour old.
Which data compromised?
Marriott IT experts said there was no such evidence that Marriott Bonvoy account passwords or PINs, payment card information, passport, national IDs, or driver’s license were compromised.
While Marriott did suffer the first breach, experts suggest the nature of the company’s security practices may have played a role in why the company fell victim to it. It’s not unusual for a large company like Marriott to have multiple locations and multiple levels of authentication, with many different data transfer and update methods being used at each location. So while it is understandable that the company didn’t initially implement all of its security measures, it is likely that if they had the systems in place, the hackers would have been unable to access the information in question.