"At the end of February 2020, we noticed that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," the company said in a statement. "We believe this activity started in mid-January 2020. Upon discovery, we immediately ensured the login credentials were disabled, began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests."
Although an investigation of this incident is ongoing, Marriott says that currently there is no "reason to believe that the information involved included Marriott Bonvoy account passwords or PINs, payment card information, passport information, national IDs, or driver’s license numbers." What it might include is contact details (name, email, mailing address, phone number), loyalty account information, additional PII (company, gender, birthday), partnerships and preferences.