Digital miscreants stole about 20 gigs of data from Marriott. The silver lining is that the data plucked in the attack was not especially valuable or sensitive. Hackers weaseled their way into the hotel chain's network. They stole information about the company's Baltimore location, data about flight crew hotel rooms, payment for those rooms, and other customer-related information.
Marriott public relations professionals have offered precious few details about how the breach occurred for security purposes. It appears as though the hackers used vector links to conduct a social engineering offensive. Though the company revealed hackers made the digital infiltration in an effort to extort the company for financial gain, Marriott halted the attack after the information noted above was stolen and denied the payment request.
This specific breach took place in January 2022.
The breach resulted in hackers obtaining information about Marriott employees, including flight crews. The question is whether the stolen data has enough value to be sold on the black market. At the very least, the financial information stolen in the attack has value.
Hackers accessed one Marriott associate's computer in the attack. Furthermore, the data stolen in the attack was restricted to a group of files about hotel customers at a specific location. At the moment, Marriott has not revealed exactly how many files were illegally accessed, though the rough estimate is around 20 gigs worth of data was plucked.
To find out more about the breaches of Marriott, please read our blog article on how Marriott Suffered Another Data Breach