Marriott International announced on Friday that they have had a massive data breach that exposed the personal details of up to 500 million guests.
Apparently hackers had compromised the Starwood Reservation Database, which is owned by Marriott. That means guests who have stayed at a Starwood property (W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Aloft Hotels, among others) on or before September 10 may have been affected.
The type of information stolen varies. For 327 million, the data breach included “some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (‘SPG’) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences,” according to Marriott. They have also “not been able to rule out” the possibility that credit card information had also been stolen.
Not only is this breach massive, but apparently it has been going on since 2014! It wasn’t until September of 2018 that the breach was detected and then it took months for the company to confirm that the Starwood Reservation Database was compromised.
The hotel chain urges people not to panic and to monitor their credit activities. They said they will send emails to affected guests and will offer affected guests a year’s worth of fraud monitoring services for free.