Breach Brief – Marriott, Campaign Sidekick,
In a statement released by the hotel chain it said; “At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property.”
According to the company the breach happened in mid January. Marriott reported that the incident compromised guest’s personal information including name, mailing address, email address, and phone number, loyalty account information and points balance and other details that includes company, gender, dates of births, room preferences, and language preferences.
Marriott stated an investigation into the breach was being conducted, but pointed out that there was no evidence that Marriott account passwords, PINs, payment card information, passport information, national IDs, or driver’s license numbers were compromised.
Cybersecurity company UpGuard has reported it has discovered sensitive U.S. voter information left exposed due to a data breach by the voter contact and canvassing app Campaign Sidekick. According to UpGuard an unprotected copy of Campaign Sidekick’s app’s code was mistakenly left freely available on its website. The breach has since been secured.
Campaign Sidekick is used by both the Republican and Democratic parties to capture, unify, analyze and act on data about U.S. voters. The app helps collate information from interactions that take place with voters during canvassing.
Upguard found the information on February 12th, 2020. A directory on app.campaignsidekick.vote was publicly available online. According to Upguard the files were downloaded and discovered to contain sensitive information. An analyst notified Campaign Sidekick of the breach and following communication between the two organizations the breach was secured on February 15th.
No details about what type of information was exposed is currently available.