The world’s largest hotel chain, Marriott International, recently announced that a massive data breach had affected the personal information of up to 500 million customers. The breach exposed a large amount of personal information such as names, mailing addresses, phone numbers, email addresses, passport numbers, Starwood Preferred Guest account information, date of birth, and gender. The breach also revealed encrypted credit card numbers and expiration dates of some customers.
Marriott discovered the breach on September 8, 2018, when an internal security tool alerted it to an attempt to access the Starwood guest reservation database. The company determined that the unauthorized access had been occurring since 2014 and that the hackers had obtained access to the database on or before September 10, 2018. Marriott has set up a dedicated website and call center to answer customers’ questions and provide information about the breach. The company is also offering a free one-year subscription to WebWatcher, an identity-monitoring service, to customers whose information was exposed in the breach. Marriott has also hired forensic experts to investigate the breach and is working with law enforcement and other experts to identify the hackers and take appropriate legal action. The company is also working with regulators and other authorities to ensure that its customers’ data is protected and that appropriate steps are taken to prevent similar incidents in the future.
Marriott’s breach is one of the biggest data breaches in history, and it has raised serious questions about the security of customer data. The company is likely to face hefty fines and penalties, as well as other legal action in the wake of the incident. It remains to be seen how the company will be able to recover from this massive breach and restore its customers’ trust.