- Marriott International has disclosed a data breach exposing personal data of 500 million guests.
- On Friday the company revealed that its Starwood room reservation network database was hacked and personal data of guest were exposed.
- The company discovered the breach on September 8 but was not able to find out what all data were stolen until till November 19.
- Data exposed includes name, mailing address, phone number, email address, passport number for 327 million guests and for some guest their payment card information were also compromised in the breach.
Marriott International, one of the largest hotel chains in the world has disclosed a data breach affecting around 500 million customers.
The company revealed on Friday that it Starwood room reservation network database was hacked and personal data of around 500 million guest were exposed.
According to the investigation, they discovered unauthorised access to Starwood network database since 2014.
The company discovered unauthorised entry on September 8 and was able to find out what all data was stolen only on November 19.
“On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. Marriott quickly engaged leading security experts to help determine what occurred. Marriott learned during the investigation that there had been unauthorised access to the Starwood network since 2014.”
For about 327 million of the 500 million affected the data exposed includes name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences,
The company said that for some guest their payment card information and payment card expiration dates were also exposed, but the company did encrypt the payment card number using Advanced Encryption Standard encryption (AES-128).
For the remaining guest data exposed is limited to name, mailing address, email address and other information.
The company said they have started notifying the customers about the incident and also started website and helpline for customers.
The company also said they have notified law and enforcement authorities about the breach and as the investigation is still ongoing they did not reveal more details about the incident.
“Marriott deeply regrets this incident happened. From the start, we moved quickly to contain the incident and conduct a thorough investigation with the assistance of leading security experts. Marriott is working hard to ensure our guests have answers to questions about their personal information with a dedicated website and call centre.” said in the statement released by the company.
if you have stayed in at a Starwood hotel in recent years there is a good chance that your personal data may be exposed. so customers are advised to change your passwords and monitor their accounts for any suspicious activity.
You may be interested in reading:Critical Flaw US Postal Service Exposed Account Details of 60 Million Users