Marriott Starwood hotel hack: How to find out if you were affected

ritzcarlton.com

• Mariott Starwood hotels
  suffered a massive data breach, meaning that around 500
  million customers have had their information compromised.
• Hackers accessed sensitive information from Starwood’s
  reservation database in 2014, including mailing addresses,
  passport info, and credit card numbers.
• Marriott says guests who were affected — anyone who stayed at
  a Starwood property on or before September 10, 2018 — will be
  notified “on a rolling bases” starting November 30.
• Here’s how you can find out more about whether your
  information was hacked and what you can do to protect yourself.

Hackers have accessed the sensitive information of
around 500 million people who have stayed in Marriott’s
Starwood line of hotels, the hotel chain
announced Friday.

Marriott says it discovered earlier this month that hackers had
access to its reservation system used for guests at Starwood
hotels since 2014, and that customer information was copied and
stolen.

Read more:

500 million Marriott customers have had their data hacked after
staying at hotels including W, Sheraton, and Westin

The hotel chain has “taken measures” to contain the breach and
investigate the incident, according to a statement.

Marriott says that it started on Friday to reach out via email to
affected customers “on a rolling basis,” but only to those guests
whose email address are provided in the Starwood reservation
system. If you stayed at a Starwood property on or before
September 10, 2018, keep a look out for an email from
[email protected].

If you’re wondering if you my have been affected by the breach,
here’s what we know about whose information was accessed:

• Hackers first gained access to the reservation database in
  2014. Customers affected include anyone who has stayed in a
  Starwood hotel on or before September 10, 2018.
• For 327 million customers, Marriott hasn’t figured out
  exactly what information was accessed, but say it may
  include: name, mailing address, phone number, email
  address, passport number, Starwood Preferred Guest account
  information, date of birth, gender, arrival and departure
  information, reservation date, and communication
  preferences.
• Some customers may have had their payment card numbers
  and expiration dates compromised. Mariott says this information
  was encrypted, but hackers may have managed to decrypt
  it.
• For the remaining portion of the 500 million affected
  customers, the information accessed by the hackers may include
  your name, mailing address, email address, or “other
  information.”
• Marriott uses a separate reservation system on a
  different network, so customers at Mariott hotels don’t seem to
  have been affected.
• Starwood operates
  more than 1,000 hotels worldwide. Here’s the breakdown of
  the affected properties owned by Starwood, a subsidiary of
  Marriott:

Marriott International

Marriott says it’s already started to take some steps to support
affected guests. A list of FAQs that customers may have can be
found on the website
that Marriott has established specifically for the data breach.

There’s also an established call center for customers, which is
open seven days a week and available in multiple languages.

Additionally, Marriott says it will pay for guests to sign up for
a year-long membership for WebWatcher software, which monitors
where your personal information is shared online. However, this
enrollment, as well as the availability of paid-for fraud
consultation services and reimbursement coverage, is only
available to customers in the U.S., U.K., and Canada.

Marriott also recommends that if you use the same or a similar
password as the one associated with your SPG guest account, you
should change it, and be on the lookout for any phishing emails
asking for your login details.