Marriott Hacking Exposes Data of Up to 500 Million Guests

Amie Tsang and Adam Satariano, reporting for The New York Times:

The Marriott International hotel chain said on Friday that the database of its Starwood reservation system had been hacked and that the personal details of up to 500 million guests going as far back as 2014 had been compromised.

The hotel group, which runs more than 6,700 properties around the world, was informed in September about an attempt to access the database, and an investigation this month revealed that unauthorized access had been made on or before Sept. 10, Marriott said in a statement.

The hotel chain said that personal details including names, addresses, dates of birth, passport numbers, email addresses and phone numbers for hundreds of millions of guests may have been compromised. […]

Hackers also obtained encrypted credit-card information for some customers, but it was unclear if the hackers would be able to use those payment details.

Just awful, particularly the part about passport numbers, dates of birth, and the possibility of credit card numbers being exposed. I’m almost certainly included in this breach — I’m a longtime SPG rewards member, and definitely stayed at a few Starwoods hotels since 2014.

Friday, 30 November 2018