“We deeply regret this incident happened. We fell short of what our guests deserve and what we expect of ourselves and are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
The Breach
Marriott is the world’s biggest chain of hotels. However, its vast network is part of the reason why the breach ended up being so extensive. Marriott first received an alert about a potential data breach in September 2018. This alert came from an internal security tool and was about an unauthorized attempt to access the database. After they launched an official investigation, Marriott discovered that the breach had been ongoing since 2014. As a result, an unauthorized party had gained and encrypted information spanning over four years. On November 19, Marriott finally confirmed that the leak was happening from its Starwood database. Marriott said in a statement:“The company has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property.”The company added that for about 327 million of the guests the information includes some combination of the following: a name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. Marriott has confirmed that the data breach has also compromised credit card information of some customers. Although the information is encrypted, officials claim that they cannot rule out the possibility of hackers decoding it.




Share Your Thoughts