Please ensure Javascript is enabled for purposes of website accessibility
Stayed at a Marriott? Hotel Empire Has Massive Data Breach.
By admin
Published 7 years ago on
November 30, 2018

Share

BETHESDA, Md. — A security breach inside Marriott’s worldwide hotel empire has compromised the information of as many as 500 million guests, exposing in some cases credit card numbers, passport numbers and birthdates, the company said Friday.

For as many as two-thirds of those affected, data exposed could include mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences.

Alarming security analysts, Marriott said that unauthorized access to data at the hotels, once run by Starwood, has been taking place since 2014.

It may be among the largest data breaches on record. Last year’s startling Equifax hack affected more than 145 million people.

The affected hotel brands operated by Starwood before it was acquired by Marriott in 2016 include W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Méridien and Four Points. Starwood branded timeshare properties are also included.

None of the Marriott-branded chains are threatened.

Credit card numbers and expiration dates of some guests may have been taken, according to the company. For as many as two-thirds of those affected, data exposed could include mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences. For some guests, the information was limited to name and sometimes other data such as mailing address, email address or other information.

Breach Affected Approximately 500 Million Guests

“We fell short of what our guests deserve and what we expect of ourselves,” CEO Arne Sorenson said in a prepared statement. “We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward.” — CEO Arne Sorenson

Email notifications for those who may have been affected begin rolling out Friday.

While the breach affected “approximately 500 million guests” who made a reservation at one of the affected hotels, some of those records could include a single person who booked multiple stays.

Asked for more details on the 500 million number, Marriott spokesman Jeff Flaherty said Friday that the company has not finished identifying duplicate information in the database.

When the merger was first announced in 2015, Starwood had 21 million people in its loyalty program.

The company manages more than 6,700 properties across the globe. Most are in North America.

Company Unable to Decrypt the Information

While the first impulse for those potentially affected by the breach could be to check credit cards, security experts say other information in the database could be more damaging.

“The names, addresses, passport numbers and other sensitive personal information that was exposed is of greater concern than the payment info, which was encrypted,” said analyst Ted Rossman of CreditCards.com. “People should be concerned that criminals could use this info to open fraudulent accounts in their names.”

An internal security tool signaled a potential breach in early September, but the company was unable to decrypt the information that would define what data had potentially been exposed until last week.

Marriott, based in Bethesda, Maryland, said in a regulatory filing that it’s premature to estimate what financial impact the data breach will have on the company. It noted that it does have cyber insurance, and is working with its insurance carriers to assess coverage.

The Starwood breach stands out among even the largest security hacks on record. Hilton had two separate data breaches that exposed more than 350,000 credit card numbers. One breach began in November 2014 and another in April 2015. Yahoo had a data breaches in 2013 and 2014 that impacted about 3 billion of its accounts. Target also had an incident in 2013 that affected more than 41 million customer payment card accounts and exposed contact information for more than 60 million customers.

The reaction to the breach was swift Friday.

Rocky Process of Merging Its Computer System

The New York Attorney General opened an investigation. Virginia Sen. Mark Warner, co-founder of the Senate cybersecurity caucus and the top Democrat on the Senate intelligence committee, said that the U.S. needs laws that will limit the data companies can collect on its customers.

“It is past time we enact data security laws that ensure companies account for security costs rather than making their consumers shoulder the burden and harms resulting from these lapses.” — Virginia Sen. Mark Warner

“It is past time we enact data security laws that ensure companies account for security costs rather than making their consumers shoulder the burden and harms resulting from these lapses,” Warner said in a prepared statement.

Marriott has had a rocky process of merging its computer system with Starwood computers. Members of both loyalty programs have complained about missing points, glitches with stays crediting to their accounts and problems with free nights earned from credit cards not appearing.

Sorenson said that Marriott is still trying to phase out Starwood systems.

Marriott has set up a website and call center for anyone who thinks that they are at risk.

Shares of Marriott tumbled 5 percent at the opening bell.

DON'T MISS

What Are Fresno Real Estate Experts Predicting for 2025 and Beyond?

DON'T MISS

First California EV Mandates Hit Automakers This Year. Most Are Not Even Close

DON'T MISS

No Known Intelligence That Iran Moved Uranium, US Defense Chief Says

DON'T MISS

What Does the Fresno County Schools Superintendent Do? Read This Q&A to Find Out

DON'T MISS

Israel Says Iran’s Supreme Leader Avoided Assassination by Going Underground

DON'T MISS

Much of LA’s Community of Immigrants Is Hiding, Leaving a Hole in the Fabric of the City

DON'T MISS

US Supreme Court to Issue Term’s Final Rulings on Friday

DON'T MISS

Driver Crashes Into Farm Equipment While Distracted by Phone, Fresno Authorities Say

DON'T MISS

Valley Crime Stoppers’ Most Wanted Person of the Day: Timothy Edward Allen

DON'T MISS

Newsom and Legislature Tangle With Construction Unions Over Minimum Wage

DON'T MISS

Tesla Executive, Elon Musk Confidant Leaves EV Maker, Bloomberg News Reports

DON'T MISS

Fresno, Kings Counties See Large Police Sweep. Officials Say ICE Not Involved.

UP NEXT

Israel Says Iran’s Supreme Leader Avoided Assassination by Going Underground

UP NEXT

Tesla Executive, Elon Musk Confidant Leaves EV Maker, Bloomberg News Reports

UP NEXT

Cargo Ship That Caught Fire Carrying Electric Vehicles Sinks in the Pacific

UP NEXT

How the United States Helped Create Iran’s Nuclear Program

UP NEXT

Israel Halts Aid Into Gaza, Official Says, Clans Deny Hamas Is Stealing It

UP NEXT

Israeli Settlers Raid West Bank Town, Troops Kill 3 Palestinians

UP NEXT

Trump Says Netanyahu’s Trial Should Be Canceled

UP NEXT

Trump Signals US May Ease Iran Oil Sanction Enforcement to Help Rebuild Country

UP NEXT

CIA Says Intelligence Indicates Iran’s Nuclear Program Severely Damaged

UP NEXT

Israeli Spy Chief Commends Agents for Iran Mission, Vows to Remain Vigilant

Much of LA’s Community of Immigrants Is Hiding, Leaving a Hole in the Fabric of the City

29 minutes ago

US Supreme Court to Issue Term’s Final Rulings on Friday

34 minutes ago

Driver Crashes Into Farm Equipment While Distracted by Phone, Fresno Authorities Say

1 hour ago

Valley Crime Stoppers’ Most Wanted Person of the Day: Timothy Edward Allen

1 hour ago

Newsom and Legislature Tangle With Construction Unions Over Minimum Wage

1 hour ago

Tesla Executive, Elon Musk Confidant Leaves EV Maker, Bloomberg News Reports

1 hour ago

Fresno, Kings Counties See Large Police Sweep. Officials Say ICE Not Involved.

1 hour ago

S&P 500, Nasdaq Near Record Highs as Rate-Cut Bets Creep Up

2 hours ago

Bobby Sherman, Easygoing Teen Idol of the 1960s and ’70s, Dies at 81

2 hours ago

Cargo Ship That Caught Fire Carrying Electric Vehicles Sinks in the Pacific

2 hours ago

No Known Intelligence That Iran Moved Uranium, US Defense Chief Says

WASHINGTON – U.S. Defense Secretary Pete Hegseth on Thursday said he was unaware of any intelligence suggesting Iran had moved any of ...

2 minutes ago

U.S. Defense Secretary Pete Hegseth and Chairman of the Joint Chiefs of Staff Air Force General Dan Caine, speak during a press conference at the Pentagon in Arlington, Virginia, U.S., June 26, 2025. (Reuters/Idrees Ali)
2 minutes ago

No Known Intelligence That Iran Moved Uranium, US Defense Chief Says

20 minutes ago

What Does the Fresno County Schools Superintendent Do? Read This Q&A to Find Out

Defence Minister Israel Katz, then Israel's foreign minister, looks on, amid the ongoing conflict in Gaza between Israel and Hamas, in Jerusalem, November 7, 2024. (Reuters File)
21 minutes ago

Israel Says Iran’s Supreme Leader Avoided Assassination by Going Underground

29 minutes ago

Much of LA’s Community of Immigrants Is Hiding, Leaving a Hole in the Fabric of the City

A general view of the U.S. Supreme Court building in Washington, U.S., June 1, 2024. (Reuters File)
34 minutes ago

US Supreme Court to Issue Term’s Final Rulings on Friday

A distracted driver crashed into a spray rig on a rural road, prompting officials to urge caution and remind motorists to share the road with farm equipment. (CHP)
1 hour ago

Driver Crashes Into Farm Equipment While Distracted by Phone, Fresno Authorities Say

Timothy Edward Allen is Valley Crime Stoppers' Most Wanted Person of the Day for June 26, 2025. (Valley Crimes Stoppers)
1 hour ago

Valley Crime Stoppers’ Most Wanted Person of the Day: Timothy Edward Allen

Bakersfield California Housing Project
1 hour ago

Newsom and Legislature Tangle With Construction Unions Over Minimum Wage

Help continue the work that gets you the news that matters most.

Search

Send this to a friend