Not 500 million unique persons. Way less than that is my suspicion. But hotel data systems have been prime targets for exploitation by criminal outfits and for governmental actors.
Originally Posted by
MePlatPremier
I’m sure they did due diligence during the acquisition process but either it wasn’t enough or this bug was extremely well disguised.
The adequacy/inadequacy of such due diligence is all upon Marriott. Before and after its acquisition closed.