Marriott says Starwood hotels hit by massive data breach

The world’s largest hotel company says a data breach may have compromised the personal information of as many as 500 million guests.

Marriott International announced on Friday that an unauthorized party might have access to the names, addresses, phone numbers, email addresses, passport numbers and travel details of its guests, the Wall Street Journal reported. In some cases, guests’ credit card information might’ve also been stolen.

The breach hit Marriott’s Starwood branded hotels, which include Sheraton, W Hotels, Westin and others. Marriott became aware of a possible breach back in September but couldn’t confirm what information had been copied and encrypted by a third-party until November 19.

The investigation found that the Starwood guest database may have been compromised since 2014. Marriott acquired Starwood back in 2016 for $13 billion. Starwood had reported a breach at 54 locations in 2015.

“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward,” Marriott Chief Executive Arne Sorenson said in a statement.

Other hotel chains have been hit by data breaches in the last few years, including Hilton Worldwide Holdings and Trump Hotels. [WSJ] — Kathryn Brenzel