Marriott International, which recently bought Starwood to become the largest hotel chain in the world, announced earlier today that up to 500 million guests had their data exposed via a breach of Starwood’s guest reservation database. Marriott began an investigation after receiving an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. During the investigation, the company learned that there had been unauthorized access to the Starwood network since 2014, and that an unauthorized party had copied and encrypted information and had taken steps to remove it. According to Marriott, the guest information potentially compromised includes:
- Mailing addresses
- Phone numbers
- Email addresses
- Passport numbers
- Starwood Preferred Guest (SPG) account information
- Dates of birth
- Arrival and departure information
- Reservation dates
- Communication preferences
Payment card numbers and payment card expiration dates were also copied, though this information was encrypted using the Advanced Encryption Standard (AES-128). However, it is possible that the information needed to decrypt the cards was also taken in the breach. Marriott is still looking into this.
What can I do now to stay safe?
Marriott has already begun contacting affected users, and they’ve provided this website as a place to learn more about the incident and what services Marriott will provide to those affected. Our recommendations include:
- Update your password and any similar passwords on other accounts. This should be common practice any time a service you use reveals a hack or breach. Even if passwords aren’t stolen in an attack, updating account passwords and eliminating password reuse is an important first step in mitigating additional damage.
- Review your payment card statements for unauthorized activity, and report any unauthorized activity immediately to your bank. Because Marriott is unsure whether payment information was stolen or not, keep an eye on your statements, and notify your bank right away should you see anything suspicious.
- Beware of phishing emails, texts, or calls that are related to the hack. Cybercriminals are very clever about using a recent breach or hack to solicit sensitive information from affected users. Be skeptical of any communication you receive regarding the attack, and don’t provide any personal or account information without confirming that the communication is from Marriott and not from a scammer.
- If you believe you’re the victim of identity theft, contact local law enforcement. After attacks like these, it’s not unusual for affected users to become victims of identity theft. Monitor your credit for any suspicious activity, and act quickly should you find anything out of the ordinary.