
The Marriott International hotel chain has confirmed that it has been hit by yet another data breach.
The data breach took place at one location, the BWI Airport Marriott near Baltimore. Marriott said that it is directly contacting the 300 to 400 guests that had credit card information exposed. The threat actor used social engineering to trick one hotel employee at this single Marriott hotel into providing access to their computer. The threat actor claimed to have tried to extort the hotel chain but according to Marriott, no money was paid. In total 20GB of data were leaked.
In 2018, Marriott revealed that it had been hit by an enormous database breach that affected 500 million of its guests. The data breach lasted 4 years. In another dat a breach in 2020, Marriott exposed the personal information of 5.2 million guests.
Read more about it here.