About 5.2 million Marriott guests may have had their personal information breached.
The hotel company announced Tuesday that contact details, including addresses and phone numbers, loyalty account information, and personal details such as birthdays and gender, may have been accessed using the login credentials of two employees at a franchise property.
The company said it has “no reason to believe” the breach scooped up account passwords, credit card details, or passport and driver’s license information. Marriott said it was investigating the incident, which it believes began in mid-January. The intrusion was discovered in late February.
“Upon discovery, the company confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests. Marriott also notified relevant authorities and is supporting their investigations,” the company said, adding that affected guests would receive an email alerting them to the breach.
It’s the second known breach for the hotel chain in less than two years. In November 2018, Marriott announced a massive data breach in which hackers accessed the information of as many as 383 million guests. China is believed to have been behind that hack.
