Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Marriott | Marriott Bonvoy
Reload this Page >

Marriott Data Breach [from Starwood database] : 500 Million Guests affected

Marriott Data Breach [from Starwood database] : 500 Million Guests affected

    Hide Wikipost
Old Apr 4, 19, 10:42 pm   -   Wikipost
Please read: This is a community-maintained wiki post containing the most important information from this thread. You may edit the Wiki once you have been on FT for 90 days and have made 90 posts.
 
Last edit by: MasterGeek
Wiki Link
From Starwood Lurker team :
Please visit  info.starwoodhotels.com  for more information about this incident, available resources and steps you can take.

Marriott has announced a massive breach of data belonging to 500 million guests who stayed at hotel brands including W, Sheraton, and Westin.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.

http://uk.businessinsider.com/marrio...8-11?r=US&IR=T
https://www.prnewswire.com/news-rele...300758155.html

You can enroll in the "identity" monitoring service provided by Marriott due to this breach here, it cannot be called "credit monitoring" because it doesn't provide access to viewing credit bureau report data (as held by Equifax, TransUnion, Experian) nor notifications when credit report data changes :
https://answers.kroll.com/us/index.html
Print Wikipost

Reply

Old Nov 30, 18, 5:45 am
  #31  
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 87,357
Originally Posted by Football Fan View Post
How come they waited so long to inform about this?
This is in part exactly why I would like to have Marriott come out and say how exactly the problem was identified.
GUWonder is online now  
Reply With Quote
Old Nov 30, 18, 5:45 am
  #32  
 
Join Date: Nov 2000
Location: Hotel Guru
Programs: Marriott Lifetime Titanium, UA Gold
Posts: 1,332
So much for for the clearly superior SPG IT...
Muerz is offline  
Reply With Quote
Old Nov 30, 18, 5:45 am
  #33  
chp
 
Join Date: Mar 2013
Programs: BAEC Silver
Posts: 55
Originally Posted by fransknorge View Post
Are we talking about 500 millions unique persons ? If so this might be the largest data breach in history no ? This is 6.5% of the globe population.
The Yahoo! mail breach in 2013 affected around 3 billion accounts. They wouldn't have had the amount of personal information leaked in this breach, though.
chp is offline  
Reply With Quote
Old Nov 30, 18, 5:45 am
  #34  
 
Join Date: Feb 2017
Programs: DL DM, UA Gold, Alaska MVP, Bonvoy (lol) Ambassador
Posts: 2,128
Originally Posted by fransknorge View Post
Are we talking about 500 millions unique persons ? If so this might be the largest data breach in history no ? This is 6.5% of the globe population.
It is almost certainly 500 million reservations and not 500 million unique guests.
ethernal is online now  
Reply With Quote
Old Nov 30, 18, 5:51 am
  #35  
 
Join Date: Mar 2010
Posts: 1,031
Originally Posted by GUWonder View Post
This is in part exactly why I would like to have Marriott come out and say how exactly the problem was identified.
More importantly explain how they didn't catch the program name Bonvoy.
nnn, KRSW and Twickenham like this.
HHonors OUTSIDER is offline  
Reply With Quote
Old Nov 30, 18, 5:55 am
  #36  
 
Join Date: Aug 2018
Posts: 416
Originally Posted by GUWonder View Post

The adequacy/inadequacy of such due diligence is all upon Marriott. Before and after its acquisition closed.
In this particular transaction that is the case, because this was structured as a merger. In the typical acquisition structure however the seller is liable for any undetected/undisclosed issues that are materially relevant. Thatís why in any acquisition transaction the buyer typically demands several guarantees from seller and a portion of the transaction price is usually put into escrow for some years.
MePlatPremier is online now  
Reply With Quote
Old Nov 30, 18, 6:03 am
  #37  
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 87,357
Originally Posted by MePlatPremier View Post
In the typical acquisition structure however the seller is liable for any undetected/undisclosed issues that are materially relevant.
Only under what is essentially a contract that states the above, otherwise it varies. Plenty of acquisitions take place even without MAC clauses; and even many acquisitions with MAC clauses are done in such a way that not all undetected/undisclosed material issues are covered by such clause.

But none of this changes the fact that Marriott owns this problem and deserves it lumps for what it has.
TerryK likes this.
GUWonder is online now  
Reply With Quote
Old Nov 30, 18, 6:14 am
  #38  
 
Join Date: Dec 2007
Location: Canada
Posts: 951
Becoming part of Marriott has simply been exhausting from day one! Ugh.
Bravada04 is offline  
Reply With Quote
Old Nov 30, 18, 6:14 am
  #39  
FlyerTalk Evangelist
 
Join Date: Jul 1999
Location: ORD/MDW
Programs: AA, HH, MR elite. Fly mostly AA/WN/B6.
Posts: 18,586
Originally Posted by Football Fan View Post
How come they waited so long to inform about this?
It takes some time to form an action plan and a storyline for external communications, get a website written / approved / built, and spin up a call center properly organized and equipped. They only confirmed the architecture of the breach on 19 November. I am sure the crisis team had no Thanksgiving holiday.
BearX220 is offline  
Reply With Quote
Old Nov 30, 18, 6:14 am
  #40  
 
Join Date: Aug 2010
Location: JAX
Programs: United Lifetime 1K, Global Service, Marriott LTPE, Hyatt GLobalist, AA MM,Hertz PC
Posts: 60
The question is , how are they protecting us know and how will they cover the breach?
shelby101 is offline  
Reply With Quote
Old Nov 30, 18, 6:17 am
  #41  
Company Representative - Starwood
 
Join Date: Aug 2011
Programs: SPG
Posts: 713
Dear all,

Thanks for reaching out about the Starwood guest reservation database security incident. Please visit  info.starwoodhotels.com  for more information about this incident, available resources and steps you can take.

All the best,

Alice K.
Social Media Specialist
Marriott International

[email protected]
Starwood Lurker IV is offline  
Reply With Quote
Old Nov 30, 18, 6:21 am
  #42  
 
Join Date: May 2010
Location: AVP & PEK
Programs: UA 1K MM, Hertz PC
Posts: 1,996
How can I check to see what information I had under user profile with starwoodhotels.com if it now reverts to marriott.com?
Would like to check what information I had subjected to the breach.
narvik is offline  
Reply With Quote
Old Nov 30, 18, 6:21 am
  #43  
 
Join Date: Sep 2004
Posts: 289
My personal information has been hacked and stolen so many times, at this point I may as well just buy a bunch of billboards and start publishing it myself.
Rabidstoat is offline  
Reply With Quote
Old Nov 30, 18, 6:22 am
  #44  
 
Join Date: May 2010
Posts: 2,287
This is hysterical. Starwood has a system that's been leaking data since 2014. And it's Marriott's fault?

While perhaps Marriott should have found it sooner, the issue started well before Marriott showed up

And folks..... if you are only thinking about monitoring etc because Starwood's been breached, pull your head out of the sand and get proactive.

As was said above most of our data's been breached so much you might as well put it on a billboard!
Orange County Commuter is offline  
Reply With Quote
Old Nov 30, 18, 6:27 am
  #45  
 
Join Date: Nov 2004
Location: Nashville
Programs: DL DM 2 MM AA PLAT HH Lifetime Diamond SPG Lifetime Plat Marriott Plat AMB Hertz PC
Posts: 5,810
Originally Posted by BearX220 View Post
It takes some time to form an action plan and a storyline for external communications, get a website written / approved / built, and spin up a call center properly organized and equipped. .
With all Marriott's current IT problems it is worse since they still do not have the regular call centers working at anything close to an acceptable level.
BearX220 and GUWonder like this.
troyintn is offline  
Reply With Quote

Thread Tools
Search this Thread