In 2018, Marriott Hotels revealed a data breach that had been ongoing since 2014, affecting their reservation system. The breach was discovered in September 2018, and it involved unauthorized access to customer records. The incident impacted a significant number of users, compromising various types of personal information.

How many accounts were compromised?

The breach impacted data related to approximately 5.2 million individuals.

What data was leaked?

The data exposed in the breach included names, mailing addresses, phone numbers, email addresses, passport numbers, Starwood Preferred Guest account information, dates of birth, gender, arrival and departure information, reservation dates, and communication preferences.

How was Marriott Hotels hacked?

The Marriott data breach occurred when hackers used email spoofing and phishing techniques to infiltrate the network, eventually gaining control of an administrator account. They then moved laterally across systems, leveraging sensitive information from loyalty programs and reservation systems. The breach was discovered in 2018 when an internal security tool flagged a suspicious attempt to access the guest reservation database for Marriott's Starwood brands.

Marriott Hotels's solution

In response to the data breach, Marriott Hotels implemented enhanced security measures to protect their systems and prevent future hacking incidents. Although specific actions taken between mid-January and the end of February are not detailed in the sources, Marriott conducted an internal investigation, decrypted stolen data, and released a statement outlining the basics of the breach. The company also faced significant penalties, including multiple class-action lawsuits and a fine of $23.8 million from the United Kingdom's Information Commissioner's Office (ICO). Additionally, Marriott agreed to pay for passport replacements for customers who were victims of the data breach and set up a website and call center for those who believed they may have been affected.

How do I know if I was affected?

Marriott Hotels reached out to affected users following the data breach. If you believe you may have been impacted but did not receive a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity. If you notice anything unusual, report it to the appropriate authorities and the affected service provider.

For more specific help and instructions related to Marriott Hotels' data breach, please contact Marriott Hotels' support directly.

Where can I go to learn more?

If you want to find more information on the Marriott Hotels data breach, check out the following news articles:

• Marriott Data Breach FAQ: What Really Happened?

• Marriott data breach FAQ: How did it happen and what was the impact?

• Marriott’s Starwood Hotels Have Suffered a Major Data Breach