The hacked database seems primarily to have been from the Starwood chain which Marriott took over last year. So if you have stayed at a St. Regis, Westin, Sheraton, Meridien or W Hotel in the last few years, you may need to check your credit card accounts.
The hack covers not just the USA. So Marriott may be in breach of strict new EU GDPR regulations that came in earlier this year. The New York Attorney General’s office has also opened an investigation.
https://edition.cnn.com/2018/11/30/tech ... index.htmlMark Thompson, the global lead for consulting company KPMG's Privacy Advisory Practice, told CNN Business that hefty GDPR penalties will "likely" be slapped on the company.
"The size and scale of this thing is huge," he said, adding that it's going to take several months for regulators to investigate the breach, but that he expects class action lawsuits to quickly materialize.
I’m in the Marriott programme but cannot recall staying in any Starwood Hotel in recent years. In any case the primary card I use for travel was hacked in Indonesia in August and I know that the new one has not been used in any Starwood Hotel since then. But I’m checking my accounts right now!