Marriott’s data hacked, 500m guests hit
WASHINGTON: As many as 500 million guests at Marriott International hotels may have been victims of a hack that in most cases pilfered passport numbers or other key identifying data, the company announced on Friday.
Marriott said it was alerted on Sept.8 that there had been an attempt to hack their reservation database in the United States.
The hack is among the largest ever disclosed, prompting a big drop in Marriott shares and an investigation by New York Attorney General Barbara Underwood, who said on Twitter that “New Yorkers deserve to know that their personal information will be protected.”
The company discovered “that there had been unauthorized access to the Starwood network since 2014” which compromised personal and inancial information.
The probe found “an unauthorised party had copied and encrypted information and took steps towards removing it.” After decrypting the information, the company found on Nov.19 “that the contents were from the Starwood guest reservation database.”
Hotel brands in the Starwood network include Sheraton, Westin, Four Points and W Hotels. Marriott completed a $13.6 billion acquisition of Starwood in 2016. The deal was announced in November 2015.
“We deeply regret this incident happened,” Marriott chief Arne Sorenson said in a statement.
“We fell short of what our guests deserve and what we expect of ourselves.” Marriott said hackers accessed information like names, addresses and dates of birth from most of the affected customers but could not rule out that they were also able to access some encrypted credit card information.