What you should do after the Marriott data breach

  • By Hamza Shaban,
  • The Washington Post
  • Online Security
  • Online Security
  • Online Security
  • Online Security
  • Online Security
  • Facebook.
  • Twitter.
  • LinkedIn.
  • Google Plus
  • Print

One of the largest hotel chains in the world announced Friday that the personal information of up to 500 million guests may have been stolen after its reservations database was hacked.

Marriott International said that guests who made reservations with its Starwood properties on or before Sept. 10 may have had their information compromised. Among the hotels under the Starwood brand are Sheraton, Westin and St. Regis.

What was stolen?

The database included information tied to as many as 500 million guests, Marriott said. For about 327 million of the guests, hackers had access to names, addresses, phone numbers, email addresses and passport numbers. The hackers could also see loyalty program account information, dates of birth, gender and reservation information.

The hotel said that the database also contained encrypted credit card numbers for some customers and that it can’t rule out that the hackers stole information that could decrypt and reveal those numbers.

For the remaining customers, the information stored in the database included their names and, for some, addresses, email addresses and other information, Marriott said.

What should I do?

If you made a reservation with a Starwood hotel on or before Sept. 10, the information you shared may have been stolen, the hotel said.

Starting Friday, Marriott said it will begin sending emails on a rolling basis to affected guests who have shared their email addresses with Starwood. Marriott has cautioned customers to stay vigilant as they look for this email because malicious actors may try to pose as Marriott.

On an FAQ page, Marriott listed the official email address from which it will send the notification. The hotel said:

When other companies have provided notifications like this, other people used it to try to trick individuals into providing information about themselves through the use of links to fake websites (phishing) or by impersonating someone they trusted (social engineering). Please note that the email you may receive from us will not contain any attachments or request any information from you, and any links will only bring you back to this webpage.

Marriott has also put up a dedicated website and directed customers to a cell center to ask questions.

How do I sign up for fraud monitoring?

Marriott said it is offering customers a fraud monitoring service at no cost for one year. It said WebWatcher monitors websites where personal data is shared and alerts customers if their information is found. People can enroll in WebWatcher through Marriott’s dedicated website.

What happens next?

Marriott has directed customers to monitor their loyalty program, Starwood Preferred Guest, for suspicious activity. Customers should also review their credit card statements and look out for unauthorized purchases, the hotel said.

Marriott said it will not ask customers to provide their password by phone or email and told guests to stay vigilant against phishing attempts in the wake of the data breach.

  • Facebook.
  • Twitter.
  • LinkedIn.
  • Google Plus
  • Print

For more news you can use to help guide your financial life, visit our Insights page.


© 2018 The Washington Post
Votes are submitted voluntarily by individuals and reflect their own opinion of the article's helpfulness. A percentage value for helpfulness will display once a sufficient number of votes have been submitted.
close
Please enter a valid e-mail address
Please enter a valid e-mail address
Important legal information about the e-mail you will be sending. By using this service, you agree to input your real e-mail address and only send it to people you know. It is a violation of law in some jurisdictions to falsely identify yourself in an e-mail. All information you provide will be used by Fidelity solely for the purpose of sending the e-mail on your behalf.The subject line of the e-mail you send will be "Fidelity.com: "

Your e-mail has been sent.
close

Your e-mail has been sent.

You May Also Like...

Decoding China's strategy on trade

At a mega-trade show in China, global businesses and political leaders were looking for hints of Xi Jinping's strategy ahead of planned trade talks with President Trump.

Nvidia gives AI support to Chinese electric vehicle makers

Nvidia signs separate deals with Chinese electric vehicle startups XPeng Motors, Singulato Motors and SF Motors to develop autonomous driving technology.

Why you shouldn't retire when your spouse does

Financially, new research indicates there are compelling reasons for couples to stagger retirements by months, or even years. But there are tricky consequences.