#Privacy: Marriott announces exposure of associate’s Social Security numbers

Associates of Marriott International have been notified of an incident that has resulted in their Social Security numbers (SSNs) being exposed. 

On September 4, Marriott had discovered that an unknown person had gained access to sensitive information by accessing the network of an outside vendor formerly utilised by Marriott. 

After becoming aware of the incident, the vendor had confirmed that it was taking the appropriate steps to investigate the incident, and that it was working with a forensic firm. In addition, law enforcement has also been notified. 

In a letter to the impacted individuals by Peggy Hassinger, Vice President, Associate Relations, it reads: 

“This vendor served as Marriott’s agent for receiving service of official documents, such as subpoenas and court orders. A document containing your information was sent to this vendor, and it was accessed during the incident.”

The sensitive information exposed by the vendor includes names, addresses, and Social Security numbers. 

At least 1,552 individuals have been impacted – to which Marriott is providing them with access to resources to monitor for misuse of their information. 

Additionally, the individuals will receive a complimentary one-year membership in Experian’s IdentityWorks Credit 3B. 

“We have been in frequent contact with the vendor since we learned what occurred to ensure appropriate action is being taken in response.”

Marriott has terminated its relationship with the vendor. The vendor has also confirmed that it has securely removed all information regarding the associates from its network. 

In comparison to the data breach disclosed last year where the personal details of 383 million guests were accessed, this seems minor.

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.