Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
 

Thta´s why I do not trust outsiders, my phone or any apps to store my CC or passport information. Makes life a little easier, until it makes it so much more difficult.

You have to be kidding me.

info.starwoodhotels.com

I have had to replace 3 Amex cards this year due to being compromised.

Well done Marriott, keep up the good job. :mad:

Now I have to wait for the email saying I was part of the millions.

Only 325 Million is guest stays have their passport info compromised. Everyone should go ahead and change their passport numbers now to be safe. At least credit card data appears to be safe here.

ARNE Should resign. He has simply failed to deliver in this MERGER. Someone is going to sue the .... out of Marriott over this. Total cost to Marriott is going to be Material.

It's pretty huge -- and the 8-k filing to the SEC indicates that there's a material event's issue arising from this situation. But I doubt it really makes a huge financial difference for Marriott. Unfortunately. Between insurance coverage and the corporate apologist inclination of the systems in which we are dealing in the main, I doubt Marriott loses more than even a few week's revenue over this boondoggle.

The value of all such information in the hands of questionable actors -- be they run-of-the-mill criminals, organized, international crime syndicates, or governmental actors -- is rather substantial, even if all the stored bank card data has not all been compromised.

My passport information is not in most of my reservations and that info has only been loaded into the hotel systems at some places when I've checked in. There is no good customer reason for Marriott/Starwood to store passport numbers/info beyond that which is required by laws in relevant jurisdictions for relevant stays. That said, I wouldn't change a passport just because the passport number got swiped -- governments are the biggest leakers of passport numbers, so I'm sure my passports' numbers are out there where it has no good reason to be.

FFS. I said just a month ago that the total lack of quality assurance made it likely that a major data breach was likely in the near future. They have singularly failed in conducting due diligence to serve and protect their customers.

Edit: Though it does appear this may have partially pre-dated the merger.

Credit card data is the least important IMHO. That’s the easiest to fix. Passport number not so much. Somewhat ironically, what seemed to trigger them knowing was the hackers trying to encrypt the data they were stealing. Given the length of the hack and clearly how well it was set up this doesn’t sound like just some teenager in his parents garage doing it for fun.

Some additional detail from Business Insider. My bolding.

This implies a breach in the SPG booking platform, which simply continued through the August merger.

Yes, as I noted 5min before you posted this. Thanks!

It's been going on during the acquisition and even after the acquisition. It's even been going on as of a couple of months ago.

If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.

Wow, what's going to happen in the EU with their strict new GDRP rules? Or as this predates that law will they get out of it?