Nov 30, 2018, 5:05 am
Last edit by: MasterGeek
From Starwood Lurker team :
Please visit info.starwoodhotels.com for more information about this incident, available resources and steps you can take.
Marriott has announced a massive breach of data belonging to 500 million guests who stayed at hotel brands including W, Sheraton, and Westin.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
http://uk.businessinsider.com/marriott-data-breach-500-million-guests-affected-2018-11?r=US&IR=T
https://www.prnewswire.com/news-releases/marriott-announces-starwood-guest-reservation-database-security-incident-300758155.html
You can enroll in the "identity" monitoring service provided by Marriott due to this breach here, it cannot be called "credit monitoring" because it doesn't provide access to viewing credit bureau report data (as held by Equifax, TransUnion, Experian) nor notifications when credit report data changes :
https://answers.kroll.com/us/index.html
Please visit info.starwoodhotels.com for more information about this incident, available resources and steps you can take.
Marriott has announced a massive breach of data belonging to 500 million guests who stayed at hotel brands including W, Sheraton, and Westin.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
http://uk.businessinsider.com/marriott-data-breach-500-million-guests-affected-2018-11?r=US&IR=T
https://www.prnewswire.com/news-releases/marriott-announces-starwood-guest-reservation-database-security-incident-300758155.html
You can enroll in the "identity" monitoring service provided by Marriott due to this breach here, it cannot be called "credit monitoring" because it doesn't provide access to viewing credit bureau report data (as held by Equifax, TransUnion, Experian) nor notifications when credit report data changes :
https://answers.kroll.com/us/index.html
Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
Dec 11, 2018, 12:45 pm
#421
Join Date: Aug 2001
Location: Toronto, Canada
Programs: Liftime Titanium Elite Marriott
Posts: 1,752
Let the lawsuits begin
First lawsuit I have seen regarding the data cockup.
Canadians taking legal action against Marriott, Starwood after data breach
https://toronto.ctvnews.ca/canadians...each-1.4213380
Canadians taking legal action against Marriott, Starwood after data breach
https://toronto.ctvnews.ca/canadians...each-1.4213380
Dec 11, 2018, 1:37 pm
#424
Join Date: Apr 2000
Location: LAX and LHR. UA lifetime Gold 1.9MM 1K , DL Gold Medallion, HHonors Gold, Marriott Gold, Avis President's Club
Posts: 3,592
My email arrived today. It includes the immortal words Marriott began sending emails on a rolling basis on November 30, 2018 to affected guests whose email addresses are in the Starwood guest reservation database. Clearly they are in no particular hurry. 
Dec 11, 2018, 1:40 pm
#425
Join Date: Nov 2014
Location: New York
Programs: MB-LTT , HH-Diam., HGP-Expl.
Posts: 778
Definitely a slow roll.
Dec 11, 2018, 10:30 pm
#426
FlyerTalk Evangelist
Join Date: Feb 1999
Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques
Posts: 34,339
First lawsuit I have seen regarding the data cockup.
Canadians taking legal action against Marriott, Starwood after data breach
https://toronto.ctvnews.ca/canadians...each-1.4213380
Canadians taking legal action against Marriott, Starwood after data breach
https://toronto.ctvnews.ca/canadians...each-1.4213380
Dec 12, 2018, 6:52 am
#427
Join Date: Jun 2008
Location: UK
Programs: Hilton HHonors Diamond,Bonvoy Platinum,Shangri-La Golden Circle Jade,LH SEN,AZ Gold,VS Elevate Gold
Posts: 134
https://www.prnewswire.com/news-rele...300758155.html
Sorry mods I originally posted this in the Marriot sub form. This appears to be a big deal.We have a call center now that should be really responsive at least.
- We have established a dedicated website (info.starwoodhotels.com) and call center to answer questions you may have about this incident. The frequently-asked questions on info.starwoodhotels.com may be supplemented from time to time. The call center is open seven days a week and is available in multiple languages. Call volume may be high, and we appreciate your patience.
- For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
I travel a lot for business so I thought it was a particularly unlucky thing.
now I am really puzzled - but I haven't received any email yet :/
Dec 12, 2018, 8:21 am
#428
Join Date: Nov 2014
Location: lounge next door
Programs: *A Gold / ST Elite+ / OWS / EK G / HH Diam. / MR Tit / Hyatt GLOB / IHG Diam. / SL Jade / GHA Tit.
Posts: 1,523
Arrived today too... in spam... not even able to manage a clean domain and IP... pathetic.
I don't even talk about the content, it's pure amateurish words.
I don't even talk about the content, it's pure amateurish words.
Dec 12, 2018, 8:22 am
#429
Join Date: Nov 2014
Location: lounge next door
Programs: *A Gold / ST Elite+ / OWS / EK G / HH Diam. / MR Tit / Hyatt GLOB / IHG Diam. / SL Jade / GHA Tit.
Posts: 1,523
any idea about class action for European customers affected?
We can can join US or canada one or something happening in Europe?
We can can join US or canada one or something happening in Europe?
Dec 12, 2018, 8:26 am
#430
Join Date: Nov 2014
Location: lounge next door
Programs: *A Gold / ST Elite+ / OWS / EK G / HH Diam. / MR Tit / Hyatt GLOB / IHG Diam. / SL Jade / GHA Tit.
Posts: 1,523
I doubt that Marriott had one, although Marriott has plenty of lawyers on hire in the EU too. Maybe Marriott has even told its area lawyers to hold back and give the lead to a quasi-PR firm, as the Marriott website indicates: https://answers.kroll.com/
Even the way the data breach is being referred to by Marriott and Kroll smacks of PR spin driving the show more than just an interest in legal/regulatory compliance and supporting customers with customer privacy problems arising from the Marriott data breach/breaches indicated in Marriott's and Kroll's announcements on the matter.
Maybe you should try to contact Kroll's public face for its North American "data breach notification practice" and ask him for his EU-area equivalent.
https://www.kroll.com/en-us/how-we-h...-data-breaches
Even the way the data breach is being referred to by Marriott and Kroll smacks of PR spin driving the show more than just an interest in legal/regulatory compliance and supporting customers with customer privacy problems arising from the Marriott data breach/breaches indicated in Marriott's and Kroll's announcements on the matter.
Maybe you should try to contact Kroll's public face for its North American "data breach notification practice" and ask him for his EU-area equivalent.
https://www.kroll.com/en-us/how-we-h...-data-breaches
The DPO proposed a phone call, will report what he wants from me )))
But I agree, they have totally forget European customers in this case.
Dec 12, 2018, 8:27 am
#431
Join Date: Nov 2014
Location: lounge next door
Programs: *A Gold / ST Elite+ / OWS / EK G / HH Diam. / MR Tit / Hyatt GLOB / IHG Diam. / SL Jade / GHA Tit.
Posts: 1,523
not even a name, they sign Marriott DPO... not even a representative in Europe.
It's really insulting and show how little they value their customers and privacy.
For those interested, here the email : [email protected]
It's really insulting and show how little they value their customers and privacy.
For those interested, here the email : [email protected]
Dec 12, 2018, 8:49 am
#432
Join Date: Nov 2014
Location: New York
Programs: MB-LTT , HH-Diam., HGP-Expl.
Posts: 778
While a service that has been publicly disclosed to end in one year doesn't appear to be of much value, because anyone with stolen data can simply wait until the coverage ends, I was curious about the Kroll. When I called the support number, I explained that the credit card on file and the email I used for my Marriott account had been compromised and I was concerned about the possible leak of passport info. Although I believe I was clear that I didn't know if Marriott was responsible, the rep seemed to think I should replace my passport until I asked about reimbursement. I was told that a supervisor would contact me later. To their credit, someone responded by email. Although the answers understandably appeared scripted, they were responsive. While I wasn't surprised that the company is not currently offering passport replacements, I was happy to hear an honest answer.
The identity theft insurance only covers legal fees at the rate of $125 per hour, which in the NYC area may not even cover a paralegal.
Although Marriott's website is the only one where I stored both that credit card and that email address, I am not claiming that the breach caused the disclosure of either. I am also not going to rush out any get a new passport simply because the information contained in it might have been obtained by hackers. Since so much personal information may have been released, I put a credit freeze on my Equifax, Experian and TransUnion accounts.
The identity theft insurance only covers legal fees at the rate of $125 per hour, which in the NYC area may not even cover a paralegal.
Although Marriott's website is the only one where I stored both that credit card and that email address, I am not claiming that the breach caused the disclosure of either. I am also not going to rush out any get a new passport simply because the information contained in it might have been obtained by hackers. Since so much personal information may have been released, I put a credit freeze on my Equifax, Experian and TransUnion accounts.
Last edited by rny321; Dec 12, 2018 at 1:08 pm
Dec 12, 2018, 10:15 am
#433
FlyerTalk Evangelist
Join Date: Jun 2006
Location: IAD/DCA
Posts: 31,797
indeed actual professionals suggest reputable insurance companies rather than monitoring companies
breach seems related to reservations rather than profile storage
is there a good link re freezes?
breach seems related to reservations rather than profile storage
is there a good link re freezes?
Dec 12, 2018, 10:22 am
#434
Join Date: Nov 2014
Location: New York
Programs: MB-LTT , HH-Diam., HGP-Expl.
Posts: 778
Credit Bureau Contacts
Contact the national credit bureaus to request fraud alerts, credit freezes (also known as security freezes), and opt outs from pre‑screened credit offers.Equifax
Equifax.com/personal/credit-report-services
800-685-1111
Experian
Experian.com/help
888-EXPERIAN (888-397-3742)
Transunion
TransUnion.com/credit-help
888-909-8872
Dec 12, 2018, 10:26 am
#435
Join Date: Nov 2014
Location: New York
Programs: MB-LTT , HH-Diam., HGP-Expl.
Posts: 778
My concern was due to the amount of information, like passport details, that apparently was stored along with other reservations data. Unlike passport details, which I hope haven't been exposed previously, I assume that much of the information in my profile has been obtained illegally due to other breaches.