In late 2018 the Marriott hotel chain breached and hundreds of millions of customers’ records including sensitive information like credit card and passport details were stolen by the hackers.
The hotel chain started an investigation of the incident and found out that the attackers used a remote administration tool (RAT) and a known tool called Mimikatz to extract user passwords from windows operating systems. This was the possible vector that the attackers used to gain access to the user details.
The case is just another example of a low level of cyber security in hospitality. This breach is on personal details of customers, the next one can be on the hotel rooms, smart TVs, IoT devices and more.
The technology of hotels is getting more and more advanced and the cyber security is not taken into consideration.