Marriott

Marriott, operating under the aliases Marriott and Starwood, is a hospitality organization headquartered in the United States of America. The company manages and operates hotel properties under multiple brands, including Starwood, Marriott, Hyatt, and InterContinental, through partnerships with third-party management groups such as HEI Hotels & Resorts. Its core services involve providing accommodation and related hospitality offerings to travelers across various markets.

A significant cybersecurity incident occurred on March 1, 2015, affecting 20 U.S.-based hotels managed by HEI Hotels & Resorts on behalf of Marriott, Starwood, Hyatt, and InterContinental. Malware infiltrated payment systems at these properties, targeting customer payment card data. The breach compromised sensitive information including cardholder names, account numbers, expiration dates, and verification codes. Among the affected properties, 12 were Starwood-branded hotels, six operated under the Marriott brand, and one each under Hyatt and InterContinental. The attack was attributed to financially motivated threat actors seeking to monetize stolen payment details. This incident highlighted vulnerabilities in third-party payment processing systems used across the hospitality sector.

The breach underscored the operational risks associated with franchise and management agreements in the hospitality industry, where brands like Marriott and Starwood rely on external partners for property operations. While the organization’s exact scale and market positioning were not detailed in available sources, the incident demonstrated the attractiveness of hospitality payment systems as targets for cybercriminal activity. The compromise of multiple brands under a single management entity illustrated the cascading risks inherent in shared infrastructure models. No further details regarding the organization’s corporate structure, regulatory role, or distinguishing competencies were provided in the source material.