Marriott data breach hits 500 million Starwood hotel guests

Standard I dont see this posted anywhere but I also didnt search that hard.


I know a certain IT-Infosec Org that is having a really bad time right now.
The level of detail possibly exposed could be catastrophic for people with CC, SS, Passport and personal info listed.

None of it is good.


"Marriott discovered a data breach that could've impacted up to 500 million guests, it said Friday.

The hotel group revealed that hackers compromised the guest reservation database of its Starwood division, whose brands include Sheraton, W Hotels, Westin, Le Meridien, Four Points by Sheraton, Aloft and St. Regis, up to Sept. 10.

Its Marriott-branded hotels use a separate reservation system on a different network, the BBC reported.

An internal investigation found that the network was first breached in 2014, and that "an unauthorized party had copied and encrypted information." For around 327 million of those impacted, that data included names, addresses, phone numbers, emails, passport numbers and travel details."





www.cnet.com...:+New+Content+(Fe ed)&utm_content=5c0151a29ac5640001cdbe40&utm_medium=trueAnthem&utm_source=twitter

a reply to: opethPA

Well, I'm glad I've gotten new cards since then. Good timing for me at least.

originally posted by: opethPA
Standard I dont see this posted anywhere but I also didnt search that hard.


I know a certain IT-Infosec Org that is having a really bad time right now.
The level of detail possibly exposed could be catastrophic for people with CC, SS, Passport and personal info listed.

None of it is good.


"Marriott discovered a data breach that could've impacted up to 500 million guests, it said Friday.

The hotel group revealed that hackers compromised the guest reservation database of its Starwood division, whose brands include Sheraton, W Hotels, Westin, Le Meridien, Four Points by Sheraton, Aloft and St. Regis, up to Sept. 10.

Its Marriott-branded hotels use a separate reservation system on a different network, the BBC reported.

An internal investigation found that the network was first breached in 2014, and that "an unauthorized party had copied and encrypted information." For around 327 million of those impacted, that data included names, addresses, phone numbers, emails, passport numbers and travel details."





www.cnet.com...:+New+Content+(Fe ed)&utm_content=5c0151a29ac5640001cdbe40&utm_medium=trueAnthem&utm_source=twitter

Damn...so they've just been collecting info for 4 years? That's crazy.