Marriott says 500 million Starwood accounts compromised

Marriott says its guest reservation system has been hacked, potentially exposing the personal information of approximately 500 million guests.

Posted: Nov 30, 2018 10:03 AM
Updated: Nov 30, 2018 12:18 PM


Marriott says its guest reservation system has been hacked, potentially exposing the personal information of approximately 500 million guests.

The hotel chain said Friday the hack affects its Starwood reservation database, a group of hotels it bought in 2016 that includes the St. Regis, Westin, Sheraton and W Hotels.

Marriott said hackers had gained "unauthorized access" to the Starwood reservation system since 2014, but the company only identified the issue last week.

"The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it," Marriott said in a statement.

For 327 million people, Marriott says the guests' exposed information includes their names, phone numbers, email addresses, passport numbers, date of birth and arrival and departure information. For millions others, their credit card numbers and card expiration dates were potentially compromised.

Marriott warns that it can't confirm if the hackers were able to decrypt the credit card numbers.

"We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward," said CEO Arne Sorenson.

The hotel chain said it has reported the hack to law enforcement.

Marriott said it will begin emailing guests affected by the breach and has created an informational website. There's also a call center that's been set up.

The company said it's giving guests a free membership to WebWatcher, a personal information monitoring service. It's also telling guests to monitor their loyalty accounts for suspicious activity, change their account passwords and check credit card statements for unauthorized activity.

Today's revelation marks one of the biggest corporate data beaches in history. It's second behind one involving Yahoo, which said in 2017 that 3 billion accounts encompassing several of its brands were compromised. AdultFriendFinder revealed in 2016 that 412 million accounts were hacked.

Because the hack involves customers in the European Union and the United Kingdom, the company might be in violation of the recently enacted General Data Protection Regulation.

Mark Thompson, the global lead for consulting company KPMG's Privacy Advisory Practice, told CNN Business that hefty GDPR penalties will "likely" be slapped on the company.

"The size and scale of this thing is huge," he said, adding that it's going to take several months for regulators to investigate the breach, but that he expects class action lawsuits to quickly materialize.

In the United States, the New York Attorney General's office said it has opened an investigation into the data breach. The office told CNN Business that the company hasn't yet notified the AG about the data breach, which is required under state law.

The attorneys general of Maryland and Pennsylvania have also said that they are investigating.

Marriott's (MAR) stock is plunging on the news, falling more than 5% in early trading. The combined company has 6,700 properties in more than 129 countries.

West Lafayette
Partly Cloudy
72° wxIcon
Hi: 75° Lo: 54°
Feels Like: 72°
Kokomo
Partly Cloudy
68° wxIcon
Hi: 72° Lo: 54°
Feels Like: 68°
Rensselaer
Partly Cloudy
64° wxIcon
Hi: 71° Lo: 52°
Feels Like: 64°
Fowler
Partly Cloudy
72° wxIcon
Hi: 71° Lo: 53°
Feels Like: 72°
Williamsport
Partly Cloudy
70° wxIcon
Hi: 72° Lo: 54°
Feels Like: 70°
Crawfordsville
Partly Cloudy
68° wxIcon
Hi: 71° Lo: 53°
Feels Like: 68°
Frankfort
Mostly Cloudy
68° wxIcon
Hi: 71° Lo: 53°
Feels Like: 68°
Delphi
Partly Cloudy
67° wxIcon
Hi: 74° Lo: 54°
Feels Like: 67°
Monticello
Partly Cloudy
67° wxIcon
Hi: 75° Lo: 56°
Feels Like: 67°
Logansport
Partly Cloudy
66° wxIcon
Hi: 71° Lo: 53°
Feels Like: 66°
Big weather change ahead!!
WLFI Radar
WLFI Temps
WLFI Planner

Indiana Coronavirus Cases

Data is updated nightly.

Cases: 734736

Reported Deaths: 13471
CountyCasesDeaths
Marion1005261750
Lake54085975
Allen40876680
St. Joseph36249552
Hamilton35783408
Elkhart28784442
Tippecanoe22449219
Vanderburgh22359397
Porter18894310
Johnson18053381
Hendricks17298315
Clark13026191
Madison12740339
Vigo12490248
LaPorte12040214
Monroe11936170
Delaware10738187
Howard9974218
Kosciusko9455117
Hancock8346142
Bartholomew8091156
Warrick7795155
Floyd7682178
Grant7090174
Wayne7067199
Boone6732101
Morgan6603139
Dubois6165117
Marshall6092112
Cass5864105
Dearborn582678
Henry5772105
Noble564484
Jackson503273
Shelby493896
Lawrence4580120
Gibson436592
Harrison436472
DeKalb430185
Clinton428353
Montgomery425589
Whitley397539
Huntington393580
Steuben390757
Miami383268
Knox372790
Jasper370848
Putnam362660
Wabash355080
Adams342555
Ripley340470
Jefferson331781
White316354
Daviess298299
Wells292081
Decatur285792
Fayette281862
Greene280485
Posey272033
LaGrange268370
Scott267354
Clay260947
Washington241932
Randolph241781
Spencer232631
Jennings230749
Starke218454
Fountain213646
Sullivan212242
Owen202556
Jay197230
Fulton195740
Carroll190120
Orange184354
Perry184237
Rush173725
Vermillion170044
Franklin168435
Tipton163145
Parke146716
Pike135334
Blackford135132
Pulaski117245
Newton108634
Brown102641
Crawford101415
Benton99014
Martin89515
Warren82415
Switzerland7938
Union71410
Ohio57111
Unassigned0417

COVID-19 Important links and resources

As the spread of COVID-19, or as it's more commonly known as the coronavirus continues, this page will serve as your one-stop for the resources you need to stay informed and to keep you and your family safe. CLICK HERE

Closings related to the prevention of the COVID-19 can be found on our Closings page.

Community Events