You or someone you know may have been affected by the largest breach of data in the travel industry. On November 30, CNBC reported that Marriott filed with the SEC about a potential breach. This morning Marriott has revealed that over 500 Million guests have had their accounts compromised.
On September 8th, Marriott filed with the SEC about a potential hack. On November 19th, Marriott’s investigation determined that the hack came from its Starwood database. Starwood Hotels was bought by Marriott in 2016.
Anyone who has stayed in a Starwood Hotel since 2014 may have been affected. It does not matter whether you were a member of the loyalty program or not. Information that has leaked includes the following:
- Names
- Mailing Adress
- Phone numbers
- Passport Number*
- SPG Account Information
- Date of Birth
- Gender
- Past Hotel Stays
- Reservation Information
- Communication Information
- Potentially Credit Cards*
- Passport numbers would only be compromised if the user needed it for a stay and entered it into their accounts
- It is too early to tell if credit cards have been compromised. Marriott warns that they believe some card information has been leaked.
Marriott will be sending emails to those who information has been compromised today (Friday, November 30). Check your email to see if your account was in the database. Even if your account was not hacked this is a good reminder to change your password.
What to do if your account was compromised
- Monitor your Marriott Rewards account (SPG accounts have merged into Marriott accounts)
- Change your password
- Beware of phishing scams. (links to fake websites)
- Marriott will never ask for your password by phone or email
- Monitor all credit card accounts
- Report your account to the Federal Trade Commission
- Use this resource set up by Marriott
This is a very sad development. Both British Airways and Cathay Pacific have faced breaches this year. However, none on the scale of the Marriott breach. So far, 327 million people have been identified. This breach could affect anyone. Business travelers or a once per year traveler.
This post may be updated once more information is revealed.