Marriott Data Security Breach Affects Up to 500 Million Starwood Hotel Guests
Hip2Save may earn a small commission via affiliate links in this post. Read our full disclosure policy here.
Stayed at a Starwood Property recently?
Marriott International recently announced that they are taking measures to investigate and address a data security incident involving the Starwood guest reservation database that has affected millions of guests. 😱
What happened? On November 19th, 2018, they determined that there was unauthorized access to the database containing guest information relating to reservations at Starwood properties on or before September 10th, 2018.
Starwood properties include: W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.
Marriott has not finished identifying duplicate information in the database, but believes it contains information for up to approximately 500 million guests who made a reservation at a Starwood property.
Which information was accessed?
- For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.
- For some guests, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
- For the remaining guests, the information was limited to name and other occasional data such as mailing address, email address, or other information.
Affected? Get free WebWatcher Service.
Marriott is providing guests with the opportunity to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found. Guests from the United States who activate WebWatcher will also be provided with free fraud consultation services and reimbursement coverage.
To activate and enroll in WebWatcher, click on your country below:
Have questions or concerns? Marriott has established a dedicated website and call center to answer questions you may have about this incident. The call center is open seven days a week and is available in multiple languages.