Marriott Data Breach [from Starwood database] : 500 Million Guests affected
Aug 5, 19, 6:41 pm - Wikipost
|
|||
|
|||
|
Nov 30, 18, 4:32 am
#1
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 445
Marriott Data Breach [from Starwood database] : 500 Million Guests affected
https://www.prnewswire.com/news-rele...300758155.html
Sorry mods I originally posted this in the Marriot sub form. This appears to be a big deal.We have a call center now that should be really responsive at least.
- We have established a dedicated website (info.starwoodhotels.com) and call center to answer questions you may have about this incident. The frequently-asked questions on info.starwoodhotels.com may be supplemented from time to time. The call center is open seven days a week and is available in multiple languages. Call volume may be high, and we appreciate your patience.
- For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
Last edited by yosithezet; Nov 30, 18 at 4:58 pm Reason: Fixed url
Nov 30, 18, 4:41 am
#3
Join Date: Nov 1999
Location: MEX/PBC/ACA
Programs: AS MVP/AC E75K/SPG-Marriott Titanium/Accor-FPC Plat/IHG Plat/HHDiamond/Hyatt Exp
Posts: 4,873
You have to be kidding me.
info.starwoodhotels.com
I have had to replace 3 Amex cards this year due to being compromised.
Well done Marriott, keep up the good job.
Now I have to wait for the email saying I was part of the millions.
info.starwoodhotels.com
I have had to replace 3 Amex cards this year due to being compromised.
Well done Marriott, keep up the good job.
Now I have to wait for the email saying I was part of the millions.
Last edited by PointWeasel; Nov 30, 18 at 4:45 am Reason: add specific website
Nov 30, 18, 4:45 am
#4
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 445
Only 325 Million is guest stays have their passport info compromised. Everyone should go ahead and change their passport numbers now to be safe. At least credit card data appears to be safe here.
Would love for some tech experts to opine on this but so far it sounds like someone has had a backdoor in the SPG system for a long while not sure if 2014 or if they were just able to access data back to 2014. They became aware POST integration so it would suggest that they have legacy Marriott user data as well?
Nov 30, 18, 4:47 am
#6
A FlyerTalk Posting Legend
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 90,342
Originally Posted by ucfjoe
https://www.prnewswire.com/news-rele...300758155.html
Sorry mods I originally posted this in the Marriot sub form. This appears to be a big deal.
The value of all such information in the hands of questionable actors -- be they run-of-the-mill criminals, organized, international crime syndicates, or governmental actors -- is rather substantial, even if all the stored bank card data has not all been compromised.
Originally Posted by ucfjoe
Only 325 Million is guest stays have their passport info compromised. Everyone should go ahead and change their passport numbers now to be safe. At least credit card data appears to be safe here.
Would love for some tech experts to opine on this but so far it sounds like someone has had a backdoor in the SPG system for a long while not sure if 2014 or if they were just able to access data back to 2014. They became aware POST integration so it would suggest that they have legacy Marriott user data as well?
Last edited by GUWonder; Nov 30, 18 at 4:57 am
Nov 30, 18, 4:52 am
#7
Join Date: Feb 2008
Location: In the air
Programs: BA Gold, Marriott Amb, Hilton Diamond, AMEX Plat
Posts: 6,628
FFS. I said just a month ago that the total lack of quality assurance made it likely that a major data breach was likely in the near future. They have singularly failed in conducting due diligence to serve and protect their customers.
Edit: Though it does appear this may have partially pre-dated the merger.
Edit: Though it does appear this may have partially pre-dated the merger.
Nov 30, 18, 4:55 am
#8
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 445
Credit card data is the least important IMHO. That’s the easiest to fix. Passport number not so much. Somewhat ironically, what seemed to trigger them knowing was the hackers trying to encrypt the data they were stealing. Given the length of the hack and clearly how well it was set up this doesn’t sound like just some teenager in his parents garage doing it for fun.
I was being a little funny earlier. This is a HUGE deal. As a shareholder I regret not selling a few weeks ago which I was really close to doing. Premarket stock is down over 5% as of now.
Nov 30, 18, 4:57 am
#9
Join Date: Aug 2018
Posts: 600
Originally Posted by EuropeanPete
FFS. I said just a month ago that the total lack of quality assurance made it likely that a major data breach was likely in the near future. They have singularly failed in conducting due diligence to serve and protect their customers.
Nov 30, 18, 4:58 am
#10
Moderator: British Airways Executive Club, Marriott Bonvoy
Join Date: May 2006
Location: Englandshire
Programs: SPG LT Plat, BA G, BD*LG, MG Blue+ ...
Posts: 12,215
Some additional detail from Business Insider. My bolding.
This implies a breach in the SPG booking platform, which simply continued through the August merger.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
Nov 30, 18, 4:58 am
#11
Join Date: Feb 2008
Location: In the air
Programs: BA Gold, Marriott Amb, Hilton Diamond, AMEX Plat
Posts: 6,628
Originally Posted by MePlatPremier
This data breach has been going on since 2014, so it’s not related to the merger or even the acquisition. And it does not affect Marriott’s booking platform, only SPG’s.
Nov 30, 18, 5:06 am
#12
A FlyerTalk Posting Legend
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 90,342
Originally Posted by MePlatPremier
This data breach has been going on since 2014, so it’s not related to the merger or even the acquisition. And it does not affect Marriott’s booking platform, only SPG’s.
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
Nov 30, 18, 5:10 am
#15
Join Date: Aug 2018
Posts: 600
Originally Posted by GUWonder
It's been going on during the acquisition and even after the acquisition. It's even been going on as of a couple of months ago.
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
