Originally Posted by
naumank
The email that was associated with my marriott.com account was compromised three days ago. As soon as I discovered it, I changed the email address to a new one on marriott.com. I had a very short window when I could still see emails at my compromised email account, and I didn't see any email confirmation of the change at either my old email or new email account. Then last night, I also removed my mobile number (they got access to my email account through a process called SIM swap) on marriott.com. Again, no email confirmation.
I have logged into marriott.com with my new email address and have been able to log on fine. My profile also lists the new email address correctly. So no harm has been done. However, my concerns are:
- Why was there no email confirmation from Marriott for the change of (1) email address; and (2) the phone number?
- There's no two-factor authentication I can turn on. Without 2FA, all our accounts are vulnerable.
P.S. I did go into Communications Preferences, and there is no option to turn on account alerts for suspicious activities. How secure are our online accounts with Marriott? Or maybe I have missed something.
So, seems to me that you're not really asking how secure it is. You're really saying that you don't think that it's secure enough.