Industry Insights

Alerts, Blog, News and Events, Security, Technology

Marriott reveals data breach of 500 million Starwood guests

by | Friday, November 30th, 2018

For 327 million people, Marriott says the guests’ exposed information includes their names, phone numbers, email addresses, passport numbers, date of birth and arrival and departure information. For millions others, their credit card numbers and card expiration dates were potentially compromised

Marriott says its guest reservation system has been hacked, potentially exposing the personal information of approximately 500 million guests

The hotel chain said Friday the hack affects its Starwood reservation database, a group of hotels it bought in 2016 that includes the St. Regis, Westin, Sheraton and W Hotels. Marriott said hackers had gained “unauthorized access” to the Starwood reservation system since 2014, but the company only identified the issue last week.

“The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it,” Marriott said in a statement. Marriott warns that it can’t confirm if the hackers were able to decrypt the credit card numbers.

“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward,” said CEO Arne Sorenson.

The hotel chain said it has reported the hack to law enforcement.

Marriott said it will begin emailing guests affected by the breach and has created an informational website. There’s also a call center that’s been set up. The company said it’s giving guests a free membership to WebWatcher, a personal information monitoring service. It’s also telling guests to monitor their loyalty accounts for suspicious activity, change their account passwords and check credit card statements for unauthorized activity.

Today’s revelation marks one of the biggest corporate data beaches in history. It’s second behind one involving Yahoo, which said in 2017 that 3 billion accounts encompassing several of its brands were compromised. AdultFriendFinder revealed in 2016 that 412 million accounts were hacked.

Because the hack involves customers in the European Union and the United Kingdom, the company might be in violation of the recently enacted General Data Protection Regulation. Mark Thompson, the global lead for consulting company KPMG’s Privacy Advisory Practice, told CNN Business that hefty GDPR penalties will “likely” be slapped on the company.

See original CNN News article here

Prevent this from happening to your business

Contact Compudata today for a free consultation on how proper Network Security can protect you

Book a meeting
A Glimpse Into What Compliance Looks Like for Businesses

Apr 7, 2025 | ,

It’s easy to see all the reasons why you should make data regulations and compliance a priority. After all, you want to ensure you don’t violate the trust and security of your customers, as well as the integrity of your operations. If you make even one mistake, it...

AI Search Isn’t There Yet

Apr 4, 2025 | ,

People do this all the time: if they don’t know an answer, they just make something up that sounds right. It turns out AI has the same bad habit. A Study Put AI Search to the Test, and It Did Not Go Well Researchers at the Tow Center for Digital Journalism (part of...

Remote Work Is Great, but There Are Some Pitfalls

Apr 2, 2025 | ,

Do you have employees working remotely? If you do, the real question is, are you doing everything you can to keep them productive and secure? Remote work is awesome, but it comes with its fair share of risks. Today, we get into how to competently confront them. Remote...

Hiring IT is Hard (Here’s How to Make It Easier)

Mar 28, 2025 | ,

Do you have someone on your staff who can handle most IT-related issues for your business? If not, we’re sure your organization feels it in more ways than one. The issues that come from not having IT help are only made more frustrating when it comes time to find IT...

Let’s Take the Lid Off of CAPTCHA

Mar 21, 2025 | ,

We've officially reached the point where humans have to prove they're, well, human just to access websites. One of the most common ways to do this? CAPTCHA. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It might sound...

Automation Isn’t Always the Best Business Option

Mar 17, 2025 | ,

Automation makes sense from an operations standpoint, and people see this despite the many who advocate for scaling back to save jobs. For every task that can be completed, however, less than half can be automated. When you consider all the tasks that a human might be...

More Reading from Industry Insights:

AI Search Isn’t There Yet

by | Apr 4, 2025 | ,

People do this all the time: if they don’t know an answer, they just make something up that sounds right. It turns out AI has the same bad habit. A Study Put AI Search to the Test, and It Did Not Go Well Researchers at the Tow Center for Digital Journalism (part of...

Hiring IT is Hard (Here’s How to Make It Easier)

by | Mar 28, 2025 | ,

Do you have someone on your staff who can handle most IT-related issues for your business? If not, we’re sure your organization feels it in more ways than one. The issues that come from not having IT help are only made more frustrating when it comes time to find IT...