Marriott has investigated an attempted security breach and determined that their Starwood Guest Reservation System has been compromised since 2014.

Think about everything you have to hand over when you make a hotel reservation: name, address, credit card information, date of birth, passport number … Now imagine that someone could have had access to all of that if you have stayed in a Marriott Starwood Hotel or Resort. Unfortunately, this may be the case, as Marriott leadership recently discovered on November 19. A security breach in Marriott’s Starwood Hotel reservation system could potentially affect millions of clients whose personal and financial information were stored in conjunction with their stays at Starwood facilities.

In a nutshell, a duplicate packet of information was found on their reservation database. It was an encrypted file of reservation information for approximately 500 million Starwood guests. Of those, about 327 million of the records included some combination of the aforementioned personal data; the rest of the records were likely just name and mailing addresses.

What hotels and resorts are included in the data breach?

According to the dedicated website about the breach, W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton, and Design Hotels. Starwood-branded timeshare properties are also included.

What is the time period affected by the data breach?

To date, the security team has determined that reservations made to Starwood hotels, resorts, and timeshares from the period of 2014-present could potentially be affected. Anyone who has made a reservation at any of the listed hotels and resorts should be aware of this and act accordingly.

If you made a reservation during that time period, the first thing you should do is read the announcement from Marriott International. It goes into more detail about the specifics surrounding the incident and will keep everyone updated about new findings.

Marriott has also begun rolling out individual emails to potentially affected guests whose information has been compromised. Keep an eye out for an email with further instructions.

Within the text of the announcement, Marriott has made a free year’s enrollment in Webwatcher available to its U.S., Canadian, and U.K. guests. This service can help monitor your financial accounts for attempted fraud.

**All photos in this article are courtesy of Marriott International.

Do you think you’ve been affected by this data breach? Tell us about it in the comments below.

 

Comments