According to the company, it originally learned about the breach back in September this year. However, the company soon learned that the unauthorized access to the reservation database has taken place since 2014. For around 327 million guests, the information that is involved in the breach includes the combination of name, mailing address, phone, number, email address, passport number, date of birth, gender, reservation date, arrival & departure date, communication preferences, and Starwood Preferred Guest information.
Payment card numbers and expiration dates might be affected as well for some customers, but Marriott pointed out that payment card numbers were already encrypted using AES-128. For other guests, the scope of the breach was limited to name, mailing address, and email address. The list of the hotel brands under Marriott that are affected by this breach is rather long although all of them are under its Starwood subsidiary. The breach doesn’t affect the reservation database for Marriott’s flagship network which was hosted separately.
Nevertheless, there is still a reason to worry though since many of them have establishments in Malaysia such as W Hotels, St. Regis, Sheraton Hotels & Resorts, and Westin Hotels & Resorts. Also in the list are The Luxury Collection, Aloft Hotels, Le Méridien Hotels & Resorts, and Four Points by Sheraton. Marriott has opened a dedicated website and call center for its customers to learn more about the data breach. Head on to the website here for further information. (Image: Marriott and Marriott Kota Kinabalu)