What You Need to Know About the Marriott Data Breach

Marriott Data BreachOn November 30th, Marriott announced a major breach of their customer data – potentially one of the largest breaches of its kind. Since many of our customers frequent Marriott and Starwood branded hotels, we want to make sure you’re in the know on what happened with the Marriott data breach and what to do if you think you might have been affected.

Who was affected?

  • The Marriott data breach affected as many as 500,000 million Starwood guests who have stayed with a Starwood-branded property any time over the past four years (Marriott purchased Starwood in 2016) This includes the following properties:
    • W Hotels
    • St. Regis
    • Sheraton Hotels & Resorts
    • Westin Hotels & Resorts
    • Element Hotels
    • Aloft Hotels
    • The Luxury Collection
    • Tribute Portfolio
    • Le Méridien Hotels & Resorts
    • Four Points by Sheraton and Design Hotels
    • Starwood branded timeshare properties
  • It is important to note that this affects only the above listed brands and no other Marriott-branded properties.

What data was exposed?

  • Some combination of a name, mailing address, phone number, email address, passport number, Starwood preferred guest account information, reservation date, and communication preferences.
  • Some customers may also have had their credit card information taken, though the company says that information would have been encrypted.

How can I tell if I was affected?

  • According to a statement made by the company, “if you made a reservation on or before September 10th, 2018 at a Starwood property, information you provided may have been involved.”
  • Marriott has also been in the process of sending out emails to guests whose email addresses are in the database.
  • The company has also set up a website with FAQs here and has set up a dedicated call center to answer any questions people may have about the breach (US & Canada: 877-273-9481)

What to do if you think you may have been affected by the Marriott data breach:

  • Change any passwords you may have used with Starwood, especially if you use the same password and login for multiple online accounts.
  • If you think your passport may have been involved, the state department is urging people to contact Marriott directly to find out if any fraud may be involved, and if so, the company is offering to pay for the cost of a new passport if needed.
  • Watch out for phishing / scam attempts by unauthorized third parties attempting to gather your information – Marriott has stated that they will not be asking anybody to provide their password by phone or email.
  • Marriott has offered to provide free of charge online account monitoring services for one year – take advantage!