Written by Alayna Okerlund | Last Updated January 10th, 2020Alayna Okerlund is a Senior Content Strategist at BestCompany.com. She is proud of her journalism background and strives to create informative, interesting online content. Professionally, she plans to further develop her writing skills and continue building up her SEO knowledge base. When she's not working, she enjoys being in nature and trying new foods.
Marriott announced on Friday, November 30, 2018, that it's Starwood reservation system experienced a massive data breach. This data breach may have exposed private information of close to 500 million guests. The sheer number of people who may be affected makes the Starwood data breach one of the largest data breaches in history.
The hotel chain was notified of an unauthorized attempt to access the Starwood system in September. Marriott took action by getting security professionals on the case. According to USA Today, it was later recognized that "there had been unauthorized access to the Starwood network since 2014."
Marriott Starwood properties that may have been affected by the breach include the Sheraton Hotels, Westin Hotels, St.Regis Hotels, W Hotels, Element Hotels, Aloft Hotels, and more.
The type of information that may have been exposed due to the breach includes guest names, email addresses, date of birth, phone numbers, credit card numbers, credit card expiration dates, passport information, arrival/departure information, etc.
According to an official Marriott news release, "the payment card numbers were encrypted using Advanced Encryption Standard encryption." The hotel brand went on to explain that "there are two components needed to decrypt the payment card numbers, and at this point, Marriott has not been able to rule out the possibility that both were taken."
Marriott reported the massive data breach to law officials and is currently working on resolutions. The hotel chain is in the process of emailing guests that have been affected by the breach.
The Marriott news release also stated that "Marriott is providing guests the opportunity to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found. Due to regulatory and other reasons, WebWatcher or similar products are not available in all countries. Guests from the United States who activate WebWatcher will also be provided fraud consultation services and reimbursement coverage for free. To activate WebWatcher, go to info.starwoodhotels.com and click on your country, if listed, for enrollment."
There is currently little to no information provided regarding the motive behind the Starwood data breach. One of the most popular motives behind data breaches is identity theft. Those who are concerned about future identity theft threats may want to consider professional identity theft protection.