Nov 30, 2018, 5:05 am
Last edit by: MasterGeek
From Starwood Lurker team :
Please visit info.starwoodhotels.com for more information about this incident, available resources and steps you can take.
Marriott has announced a massive breach of data belonging to 500 million guests who stayed at hotel brands including W, Sheraton, and Westin.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
http://uk.businessinsider.com/marriott-data-breach-500-million-guests-affected-2018-11?r=US&IR=T
https://www.prnewswire.com/news-releases/marriott-announces-starwood-guest-reservation-database-security-incident-300758155.html
You can enroll in the "identity" monitoring service provided by Marriott due to this breach here, it cannot be called "credit monitoring" because it doesn't provide access to viewing credit bureau report data (as held by Equifax, TransUnion, Experian) nor notifications when credit report data changes :
https://answers.kroll.com/us/index.html
Please visit info.starwoodhotels.com for more information about this incident, available resources and steps you can take.
Marriott has announced a massive breach of data belonging to 500 million guests who stayed at hotel brands including W, Sheraton, and Westin.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
http://uk.businessinsider.com/marriott-data-breach-500-million-guests-affected-2018-11?r=US&IR=T
https://www.prnewswire.com/news-releases/marriott-announces-starwood-guest-reservation-database-security-incident-300758155.html
You can enroll in the "identity" monitoring service provided by Marriott due to this breach here, it cannot be called "credit monitoring" because it doesn't provide access to viewing credit bureau report data (as held by Equifax, TransUnion, Experian) nor notifications when credit report data changes :
https://answers.kroll.com/us/index.html
Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
Nov 30, 2018, 4:32 am
#1
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 456
Starwood/Marriott Data Breach 500 Million Guests affected, Marriott fined £18.4m
https://www.prnewswire.com/news-rele...300758155.html
Sorry mods I originally posted this in the Marriot sub form. This appears to be a big deal.We have a call center now that should be really responsive at least.
- We have established a dedicated website (info.starwoodhotels.com) and call center to answer questions you may have about this incident. The frequently-asked questions on info.starwoodhotels.com may be supplemented from time to time. The call center is open seven days a week and is available in multiple languages. Call volume may be high, and we appreciate your patience.
- For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
Last edited by yosithezet; Nov 30, 2018 at 4:58 pm Reason: Fixed url
Nov 30, 2018, 4:41 am
#3
Join Date: Nov 1999
Location: MEX/YVR/YYF
Programs: AS MVP/AC75K/AM Gold/UA*S/SPG-Marriott Lifetime Titanium/Accor-FPC Gold/HHDiamond/Hyatt Exp
Posts: 5,035
You have to be kidding me.
info.starwoodhotels.com
I have had to replace 3 Amex cards this year due to being compromised.
Well done Marriott, keep up the good job.
Now I have to wait for the email saying I was part of the millions.
info.starwoodhotels.com
I have had to replace 3 Amex cards this year due to being compromised.
Well done Marriott, keep up the good job.
Now I have to wait for the email saying I was part of the millions.
Last edited by PointWeasel; Nov 30, 2018 at 4:45 am Reason: add specific website
Nov 30, 2018, 4:45 am
#4
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 456
Only 325 Million is guest stays have their passport info compromised. Everyone should go ahead and change their passport numbers now to be safe. At least credit card data appears to be safe here.
Would love for some tech experts to opine on this but so far it sounds like someone has had a backdoor in the SPG system for a long while not sure if 2014 or if they were just able to access data back to 2014. They became aware POST integration so it would suggest that they have legacy Marriott user data as well?
Nov 30, 2018, 4:47 am
#6
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
https://www.prnewswire.com/news-rele...300758155.html
Sorry mods I originally posted this in the Marriot sub form. This appears to be a big deal.
The value of all such information in the hands of questionable actors -- be they run-of-the-mill criminals, organized, international crime syndicates, or governmental actors -- is rather substantial, even if all the stored bank card data has not all been compromised.
Only 325 Million is guest stays have their passport info compromised. Everyone should go ahead and change their passport numbers now to be safe. At least credit card data appears to be safe here.
Would love for some tech experts to opine on this but so far it sounds like someone has had a backdoor in the SPG system for a long while not sure if 2014 or if they were just able to access data back to 2014. They became aware POST integration so it would suggest that they have legacy Marriott user data as well?
Last edited by GUWonder; Nov 30, 2018 at 4:57 am
Nov 30, 2018, 4:52 am
#7
Join Date: Feb 2008
Location: In the air
Programs: Hyatt Globalist, Bonvoy LT Plat, Hilton Gold, GHA Tit, BA Gold, Turkish Elite
Posts: 8,712
FFS. I said just a month ago that the total lack of quality assurance made it likely that a major data breach was likely in the near future. They have singularly failed in conducting due diligence to serve and protect their customers.
Edit: Though it does appear this may have partially pre-dated the merger.
Edit: Though it does appear this may have partially pre-dated the merger.
Nov 30, 2018, 4:55 am
#8
Original Poster
Join Date: Mar 2010
Location: Sunshine State
Programs: Avis Trump. Costco Exec. SPG PLAT PREM-90. WN A+/CP. AA SLV. Nat EE..
Posts: 456
Credit card data is the least important IMHO. That’s the easiest to fix. Passport number not so much. Somewhat ironically, what seemed to trigger them knowing was the hackers trying to encrypt the data they were stealing. Given the length of the hack and clearly how well it was set up this doesn’t sound like just some teenager in his parents garage doing it for fun.
I was being a little funny earlier. This is a HUGE deal. As a shareholder I regret not selling a few weeks ago which I was really close to doing. Premarket stock is down over 5% as of now.
Nov 30, 2018, 4:57 am
#9
Join Date: Aug 2018
Posts: 902
Nov 30, 2018, 4:58 am
#10
Moderator: British Airways Executive Club, Marriott Bonvoy
Join Date: May 2006
Location: Englandshire
Programs: SPG LT Plat, BA G, BD*LG, MG Blue+ ...
Posts: 16,014
Some additional detail from Business Insider. My bolding.
This implies a breach in the SPG booking platform, which simply continued through the August merger.
Marriott announced on Friday that it had "taken measures to investigate and address a data security incident" that stemmed from its Starwood guest authorization database.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
The company said it believes that around 500 million people's information was accessed, including an unspecified number who had their credit card details taken. It affects customers who made bookings on or before September 10, 2018.
Nov 30, 2018, 4:58 am
#11
Join Date: Feb 2008
Location: In the air
Programs: Hyatt Globalist, Bonvoy LT Plat, Hilton Gold, GHA Tit, BA Gold, Turkish Elite
Posts: 8,712
Nov 30, 2018, 5:06 am
#12
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
Nov 30, 2018, 5:10 am
#15
Join Date: Aug 2018
Posts: 902
It's been going on during the acquisition and even after the acquisition. It's even been going on as of a couple of months ago.
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
If Marriott weren't so busy rushing to squeeze customers via the rushed integration related to the merger/acquisition, perhaps the company would have caught this mess sooner and the boondoggle wouldn't have been as bad as it had become.
