Expert: Marriott was quicker to detect second data breach

By Steve Hartridge, published 3/04/20

Improved detection systems helped Marriott International limit the damage from its most recent data breach, according to an expert.

The hotel giant has admitted falling victim to a second cyber attack in two years and said 5.2 million guests staying at several of its brands may have had their details compromised.

Andrew Hollister, Senior Director at threat intelligence specialist LogRhythm Labs, said although this was another serious breach, Marriott had clearly learned lessons since the first attack when hackers accessed information on up to 383 million guests.

“A global company like Marriott, which holds a massive amount of personal information about its guests, will always be an attractive target for bad actors,” he said.

“Whilst this is the second data breach Marriott has reported in the last two years, there are some positives to draw.

"In the previous incident in 2018, Marriott detected signs of unauthorised activity going back four years.

“In this new case, the activity appears to have begun in January 2020 and been detected during the course of February 2020. This is a significant improvement in time to detect and respond to a data breach.

“Whilst a significant number of records has been breached, the reduced time to detect has no doubt contributed to the number being substantially lower than on the previous occasion.”

The Marriott attack was carried out via third-party software used by hotels to provide guest services.

Hackers were able to get the login credentials used by two employees at a franchise property, gaining access to a raft of guest information which might have included names, addresses, birthdays, room preferences and loyalty information.

Marriott has offered to enrol guests in a personal information monitoring service for up to a year.