Marriott says hackers attempted to extort company with Baltimore hotel data theft
Jonathan Greig July 6, 2022

Marriott says hackers attempted to extort company with Baltimore hotel data theft

Marriott says hackers attempted to extort company with Baltimore hotel data theft

Marriott confirmed reports that hackers tried to extort the company after 20 GB of employee and customer data was stolen from BWI Airport Marriott in Baltimore.

In a statement, Marriott International shared more information about a Tuesday report from Databreaches.net that an unnamed hacking group had breached servers at BWI Airport Marriott and stolen data that included credit card numbers and other personal information. 

According to Marriott International, 300-400 people were affected by the theft and the company said it was “preparing” to notify them. 

The hackers contacted the multinational hotel chain and attempted to extort the company, but a spokesperson said they did not pay. Law enforcement has been contacted about the attack. 

“Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer,” the company said.  

“The threat actor did not gain access to Marriott’s core network. Our investigation determined that the information accessed primarily contained non-sensitive internal business files regarding the operation of the property. The incident was contained to a short period of time.”  

The company did not answer questions about whether the victims were employees or customers. Databreaches.net was given a sample of the stolen data and said it contained business documents, employee payment records, airplane flight crew information, corporate credit card numbers and more. 

As one of the world’s biggest hotel chains, the company has faced multiple breaches over the last ten years

The most notable was a 2014 breach involving the personal information of 500 million hotel guests. The U.S. government later explicitly blamed the incident on hackers allegedly associated with the Chinese government. 

The company is in the midst of one of the largest-ever class-action lawsuits ever related to the breach.   

Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.