Marriott Hotels has announced a serious security breach, which contains information about its Starwood guest database, affecting up to 500 million guests, starting in 2014.
Marriott talks about 327 million guests, information includes names, postal addresses, phone numbers, emails, passport numbers and credit card information.
“For some, information also includes payment card numbers and payment card expiration dates, but payment card numbers were encrypted using Advanced Encryption Standard (AES-128) encryption. Decrypting payment card numbers requires two components, and at the moment Marriott could not rule out the possibility that both were taken. ”
-Expert from the issue.
Marriott says the only Starwood hotel in the St. Johns area is Sheraton.
Marriott says the investigation revealed that there was unauthorized access to the database with guest information related to the reservations in the Starwood properties, or until September 10, 2018.
Today, the company released a release that on September 8, 2018, they received a warning about trying to access the Starwood guest house reservation database in the United States. Marriott says that during the investigation it turned out that since 2014 there had been unauthorized access to the Starwood network. The unauthorized party copied and encrypted the information, and on November 19, Marriott was able to decipher this information and determined that it was from their Starwood guest-book database.
Starwood includes Sheraton Hotels and Resorts, Westin Hotels and Resorts, as well as hotels under the names W Hotels, St. Regis, Element Hotels, Aloft Hotels, Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels. Also included are the Starwood timeshare properties.
Read the full Marriott version at this link. Frequently asked questions are available at this link.