The second breach in less than 24 months stemmed from employee account compromises. Marriott said that the unauthorized access likely started in mid-January and continued for about a month and a half. The hotel giant also is forcing password resets for Bonvoy loyalty club members, who will also be prompted to enable multi-factor authentication on their accounts. No payment card information, passport information, national IDs or driver s license numbers were caught up in the breach, according to the notice. In November, Marriott confirmed in November that there had been unauthorized access to its Starwood guest reservations database from 2014 up to September 2018.
Source: https://threatpost.com/millions-guests-marriott-data-breach-again/154300/