Old Nov 30, 18, 8:58 am
  #95  
rny321
 
Join Date: Nov 2014
Location: New York
Programs: MB-LTT , HH-Diam., HGP-Expl., Accor-Plat., Former FPC-Plat.
Posts: 585
Originally Posted by phltraveler View Post
The info.starwoodhotels.com site also states that the breach was in the Starwood guest reservation database. Some countries like the UK require hotels to take down passport information and retain it for a minimum of 12 months (Source). This is actually common in a lot of the EU.

So even if the 3TA didn't send passport info to Starwood/Marriott or the Marriott.com/Starwoodhotels.com sites didn't have the passport info saved - if you stayed at Starwood hotels in the affected period, it may have been added to the reservation record by the front desk clerk anyways.
Although I can't control what happens to many aspects of my personal info, I try to minimize the damage when some of it is compromised. Are hotels required to keep the passport info in a readily accessible database or can it be stored offline?
rny321 is offline  
Reply With Quote