News Posts

Marriott Hacking Exposes Data of Up to 500 Million Guests

Share on FacebookTweet about this on Twitter

Marriott’s reservation database has been hacked, potentially affecting hundreds of millions of guests who have stayed in the hotel chain’s properties since 2014, the company announced on Friday.

In a press release on its website, the company said it was first alerted that an unauthorized party had attempted to access its guest reservation database for its Starwood properties, which comprises hotel chains including the W and Four Points by Sheraton, on September 8.

An investigation revealed that there had been “unauthorized access to the Starwood network since 2014,” and that approximately 500 million guests’ personal information had been compromised.




For roughly 327 million of those guests, the data breach revealed “some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (‘SPG’) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences,” according to the company’s statement. Other guests’ credit card numbers and expiration dates also may have been accessed.

We deeply regret this incident happened,” Marriott president and CEO Arne Sorenson said in a statement.

We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

Who is affected by the Marriott hack?

The hack affected an estimated 500 million guests who have stayed at Marriott’s Starwood brand hotels since 2014.

Those properties include the W Hotels, the St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, the Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton, Design Hotels, and Starwood-branded timeshares, according to the company.

Marriott will begin emailing guests whose information may have been compromised on November 30, the company said in a statement.

It has also set up a dedicated website and call center for guests who have questions about the hack and whether their information was compromised, and is giving guests in the US, UK, and Canada free year-long subscriptions to WebWatcher, a software that alerts users of potential identity theft or fraud.

Please like, share and tweet this article.

Pass it on: New Scientist

Leave a Reply

Your email address will not be published. Required fields are marked *