Something just happened that Marriott would prefer you never hear about. The company just experienced a huge data breach. In fact, this is possibly the biggest one in history. Close to 383 million people had their records impacted by the breach.
Marriott had originally expected that number to be 500 million. It has also been revealed that 20 million encrypted passport numbers and 5 million unencrypted passport numbers were compromised. Payment information was also compromised by the breach. As many as 8 million payment cards were exposed.
One shred of good news is that only about 2,000 of those card numbers were actually unencrypted. Only Starwood guests are being impacted by the breach. Marriott uses a separate reservation database for its other properties. Of course, the Starwood catalog is pretty extensive. Here are the properties that are part of the breach:
- W Hotels
- St. Regis
- Sheraton Hotels & Resorts
- Westin Hotels & Resorts
- Element Hotels
- Aloft Hotels
- The Luxury Collection
- Tribute Portfolio
- Le Méridien Hotels & Resorts
- Four Points by Sheraton
- Design Hotels
- Sheraton Vacation Club
- Westin Vacation Club
- The Luxury Collection Residence Club
- St. Regis Residence Club
Marriott’s big data breach was actually discovered at the end of last year. However, most people are just hearing about the issue now. It is very likely that this will prove to be the largest data breach in the history of the travel industry once the dust has settled and all the numbers are in.
Present and former members of Starwood Preferred Guest could be dealing with breach-related issues for a long time to come. It turns out that the massive breach that was discovered at the end of 2018 had actually been occurring for four years. Marriott has been downplaying the scope of the breach by saying that some of the 383 million records that were compromised were actually duplicate guest records. Marriott has already completed the closure of its breached Starwood reservations database. However, that database was scheduled to be discontinued long before the breach was detected.
What can past Starwood guests do if they are concerned about how the breach will affect their personal information? Marriott is providing numbers for dedicated call centers that can help individual members find out if their accounts were compromised. In addition, Marriott began sending out emails on a rolling basis on Nov. 30 of last year. All affected guests with email addresses in the Starwood reservation database are being contacted. Marriott hasn’t been very specific regarding how it intends to help guests once they have been hit by fraudulent activity as a result of the breach.