Reports have emerged of a new Marriott hack that saw an employee succumb to a social engineering attack. A hacking group referred to as the GNN, or Group with No Name breached a Baltimore location gaining access to a computer and stealing around 20GB of data while asking for a ransom.
Marriott has confirmed that it has been hacked again, this time by a group referred to as the “Group with No Name” or GNN by the organization Data Breaches which first reported the event.
According to the DataBreaches, a single employee at the Baltimore Airport Marriott was successfully social engineered and allowed a bad actor to gain access to a hotel property computer around a month or so ago. During the unauthorized access, the hacker removed 20 GB or so of data including business files, employee information, flight crew data, and some credit card information.
The attack appears to be limited only to the local Marriott property and not a systemwide or company-wide attack.
DataBreaches, the organization that first reported the incident, has been communicating with both the GNN and Marriott to corroborate the story. In their report, they note:
“Apart from internal business documents, other documents contained information on hotel guests and personnel. DataBreaches reviewed a number of documents where airlines made reservations for their flight crews to stay at BWIA. The forms included the crew members’ names (first initial and last name), what flight number they would be arriving on, what flight number they would be departing on, their position on the crew (pilot or flight attendant), and their assigned room number by BWIA. The arrangements also included what appeared to be corporate credit card numbers for the airline or travel agency making the guests’ arrangements”
Marriott confirmed they were asked to pay a ransom for the information, but declined and this appears to have been confirmed by GNN. The incident appears to have been quickly contained and no further damage beyond the 300 to 400 people affected by the breach has been identified.
This is not the first hack Marriott has dealt with. In 2020, Marriott acknowledged that 500 million guest accounts were affected in a massive breach that appears to have started pre-merger with the Starwood Group. The embarrassing breach was a black mark on the company, eroding guests’ confidence in the brand.
This hack, however, appears to have had a much smaller impact, affecting only a single Baltimore location.