Marriott hotel empire has suffered from its second major data breach in the span of two years. The most recent was disclosed by Marriott on Tuesday. The breach affected 5.2 million customers after an attack was carried out on the chain via third-party software that Mariott uses to provide guest services. Cybercriminals were able to gain access to the login credentials for the third-party system and then had access to a plethora of private guest information.
The stolen information includes data that is critical to convincing spear-phishing campaigns, leaving the guests who’s information was exposed at risk for those types of attacks. The information exposed includes full contact details, company, gender, and birthdays, loyalty program account numbers (Marriott’s Bonboy program), points balances, and more. Marriott will now enforce password resets for all of its Bonvoy loyalty club members and initiate multi-factor authentication on user accounts.
Read More: Millions of Guests Impacted in Marriott Data Breach, Again