Ransomware victim disclosure
← All victimsMarriott
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United States
- Sector
- Hospitality and Tourism
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileMarriott International is a multinational hospitality company headquartered in Bethesda, Maryland, USA. It operates a broad portfolio of over 7,000 properties across more than 130 countries and territories, spanning luxury to economy hotel brands. It is one of the largest hotel companies in the world by property count.
- Industry
- Hospitality & Hotel Management
- Address
- 7750 Wisconsin Avenue, Bethesda, Maryland 20814, USA
- Employees
- 100000+
- Founded
- 1927
Attack summary
Severity: high — Marriott is a global hospitality company with a history of large-scale breaches involving significant PII (guest records, payment data, loyalty program data). The status is 'data_published', indicating confirmed exfiltration and public release rather than a mere listing; however, the post provides no specifics on data type or volume, preventing a 'critical' classification without corroborating evidence of regulated data at scale.Hunters International claims to have attacked Marriott International and has published data as part of a disclosed leak. The leak post does not specify whether encryption, exfiltration, or both occurred, nor does it detail the volume or nature of the data published.
Original description
AI-summarised, not from the leak postMarriott International is a renowned multinational hospitality company, headquartered in Maryland, USA. Founded in 1927, it operates a broad portfolio of hotels and related lodging facilities globally. Offerings include diverse properties from luxury to economy chain brands. As of today, Marriott has more than 7,000 properties in over 130 countries and territories, making it one of the world's largest hotel companies.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

