BALTIMORE, Md. – A data breach at Marriott International’s Baltimore/Washington International Airport hotel in Maryland may have compromised the personal information of employees and guests, including credit card numbers. Thieves gained access to a hotel employee’s computer in June and claim to have stolen 20 gigabytes of internal documents and customer data, according to published reports.
The hotel giant’s statement says as many as 400 individuals will be contacted regarding the breach and that law enforcement is investigating. A “threat actor” contacted the company in an attempt to extort money, but no payment was made, according to the company statement.
This is not the first time Marriott International has been the victim of cyberattack. Previous incidents include a 2020 data breach that impacted 5.2 million guests.
Marriott International issued the following statement regarding the incident:
“Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer. The threat actor did not gain access to Marriott’s core network. Our investigation determined that the information accessed primarily contained non-sensitive internal business files regarding the operation of the property. The incident was contained to a short period of time. Marriott identified and was investigating the incident before the threat actor contacted the company in an extortion attempt, which Marriott did not pay. The company is preparing to notify 300-400 individuals regarding the incident. Marriott has also notified law enforcement and is supporting their investigation.”