A little over 2 years since it last happened to them, hotel chain Marriott have disclosed details of another breach to their database of hotel guests, exposing some 5 million people to various risks – including online identity theft.
The breach included a wealth of personal information on guests who had stayed in various hotels. This information included dates of birth, names, phone numbers along with other details such as language preference and loyalty account numbers.
Marriott says there is no reason to believe payment details had been leaked. However, this is still yet to be determined.
The leak was discovered in late February when one of the Marriott hotels’ systems was compromised when hackers gained login credentials of two employees, but is believed to date back as early as mid-January.
This is another blow for Marriott who were fined $123 million (£99m) in late 2018 by UK authorities for a breach of over 500 million people’s details at a subsidiary company – Starwood.
In an effort to combat the recent breach and to help customers protect themselves, Marriott have notified those affected by email, set up a website to help provide resources, and have also created a personal information monitoring service to guests who may have had their data leaked.
So what can you do to protect yourself against data breaches such as this one?
With any data breach, the first thing you should do is check if you are affected. If you were affected by this latest Marriott breach, you will have received an email directly from the company. So check your emails.
You can also use the Certo Mobile Security app if you are on Android to check if any of your accounts have been compromised in any data breaches. Download the app from the Google Play Store using the link above.
The Breach Check feature allows you to check if you’re one of the 1 billion+ users who have their account details leaked in breaches every single year. If you are a victim, then the tool also provides assistance to help you protect yourself.
Of course, if you are notified or discover that your data has been leaked, then you should immediately change your passwords for the appropriate accounts.
We also recommend that you enable two-factor authentication for those accounts that offer it as an option. This will enable you to add an extra layer of protection and will help you stay protected even if your password is leaked.