Marriott’s been hacked — again.
According to a report from DataBreaches, hackers obtained around 20GB of data from a hotel server at a BWI Airport Marriott in Maryland, including confidential information such as credit card numbers and reservation details.
Marriott, however, says that a majority of the data breached was “non-sensitive internal business files regarding the operation of the property,” according to Engadget.
The intention was to blackmail the hotel chain with the data, but Marriott refused to budge, and while the hackers were initially in communication with Marriott, the chain ultimately gave them the cold shoulder.
“We are the ones who organized this leak and they were communicating with us,” a spokesperson for the hacker group told DataBreaches. “We were acting like a RedHat organization and they just stopped communicating with us.”
The hackers obtained the data by gaining access to a Marriott associate’s computer, and then gathered the documents from a shared file server.
Marriott added that it has “no evidence that the threat actor had access beyond the files that were accessible to this one associate.” Still, Marriott said it will be informing the 300-400 individuals whose personal information was obtained during the breach, most of whom were former employees, the hotel chain told Engadget.
This isn’t the first time Marriott has been vulnerable to a cyber attack. When DataBreaches first received the tip about the breach, their first thought was, “‘Seriously?”
Since 2010, Marriott has suffered at least seven data breaches — one of which impacted about 383 million guests and resulted in a $100 million class-action lawsuit in Canada and an £18.4 million fine by the U.K.’s Information Commissioner’s Office.