Marriott Attacked via Third-Party Vector, Exposing Info on 5.2 Million Customers
Marriott International, Inc. is the latest victim in a string of cyber breaches targeting hotel chains, and Evidence of Compromise within Prevailion’s platform captured the key moments the organization veered into compromise territory and ultimately back to stable.
Marriott disclosed the breach Tuesday in a statement that said information on 5.2 million of its guests may have been compromised. Marriott said the organization believes the attack began in mid-January 2020 with the logins of two employees at a franchise property.
“At the end of February 2020, the company identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property. The company believes that this activity started in mid-January 2020,” according to the organization’s update.
That time frame is consistent with Evidence of Compromise in Prevailion’s Apex Platform, which shows an elevated level of compromise in early January, resolving into stable by January 21; along with other compromise events throughout late 2019 precipitating the attack.
Screenshot of Marriott International, Inc. from within Prevailion’s Apex Platform of Compromise Intelligence.
Prevailion CEO Karim Hijazi called Marriott’s circumstance “a clear example of third-party contagion risk.”
An attack from a third-party vector grows increasingly likely as organizations expand their true perimeters with each new partner connection. But organizations are still grappling with how to obtain reliable optics on the activity within those third-party connections.
Read more about this hidden weakness and Prevailion’s Compromise Intelligence capabilities in our new white paper: Third-Party Cyber Defense: A New Level of Control & Visibility by Tracking the Adversary.
The Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.
The Senior Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.
The Associated Press recently reported that email addresses of top DHS officials had been compromised as part of the massive SolarWinds hack. According to a DHS spokesperson, “a small number of employees’ accounts were targeted in the breach” and the agency “no longer sees indicators of compromise on our networks.” But what does that actually […]