2nd Largest Data Hack from Marriott Hotel Group

Post Reply
fountainhall

2nd Largest Data Hack from Marriott Hotel Group

Post by fountainhall »

Yet another mega-hack of data, this time from the Marriott Hotel Group. And inexplicably it has been going on since 2014! 500 million accounts have been hacked from the chain’s database with 327 million having their names, phone number, email addresses, passport numbers, dates of birth and arrival/departure information stolen. Millions of others have also had their credit card numbers and expiry dates probably stolen. Marriott cannot confirm if the hackers also stole their system that decrypts credit card information.

The hacked database seems primarily to have been from the Starwood chain which Marriott took over last year. So if you have stayed at a St. Regis, Westin, Sheraton, Meridien or W Hotel in the last few years, you may need to check your credit card accounts.

The hack covers not just the USA. So Marriott may be in breach of strict new EU GDPR regulations that came in earlier this year. The New York Attorney General’s office has also opened an investigation.
Mark Thompson, the global lead for consulting company KPMG's Privacy Advisory Practice, told CNN Business that hefty GDPR penalties will "likely" be slapped on the company.

"The size and scale of this thing is huge," he said, adding that it's going to take several months for regulators to investigate the breach, but that he expects class action lawsuits to quickly materialize.
https://edition.cnn.com/2018/11/30/tech ... index.html

I’m in the Marriott programme but cannot recall staying in any Starwood Hotel in recent years. In any case the primary card I use for travel was hacked in Indonesia in August and I know that the new one has not been used in any Starwood Hotel since then. But I’m checking my accounts right now!
Post Reply