The Marriott hotel chain has suffered another data breach, with unknown threat actors managing to steal 20GB of data from its servers.
As Engadget reported, the attackers targeted company employees with social engineering techniques, and one fell for it. The group managed to access the company's terminals for less than a day, but it was enough to steal data from up to 400 people, most of whom were allegedly former employees.
"Your information was in archived files that were not detected by the scanning tool we use as part of our proactive security efforts to identify and remove sensitive data from the device," a Marriott spokesperson told Engadget.
Intact Core Network
The threat actor apparently targeted the BWI Airport Marriott in Maryland, USA. The attackers obtained reservation documents from the flight crew, as well as corporate credit card numbers for an airline or travel agency. Marriott further claimed that most of the data was "non-confidential internal business files with respect to the operation of the property."
"The incident only involved accessing an associate's device and documents on a connected file-sharing server," the spokesperson said. "The incident did not involve access to Marriott's core network, the property's guest reservation system, or the property's payment processing system."
The group also tried to extort money from Marriott, but the company allegedly refused to pay a ransom for the safe return of the data.
Marriott has had little respite from cyberattacks. During the last decade, the chain has suffered seven incidents, the most significant in November 2018, after its purchase of Starwood hotels.
The subsidiary was already compromised when Marriott bought it, but after failing to properly audit its systems, it ended up leaking data from more than 380 million customers. The identities of many customers were at risk, as more than five million unencrypted passport numbers were allegedly also stolen.
The company was fined nearly €22 million by the UK Information Commissioner's Office (ICO) for the incident.
Via Engadget