by Donald Wood
Last updated: 1:56 PM ET, Fri November 30, 2018
Marriott International Inc. announced Friday as many as 500 million records in its Starwood Hotels reservation system could have been compromised in an attack that reportedly began four years ago.
According to Reuters.com, the hack on the reservation system exposed personal data of at least 327 million customers including payment card numbers, passport details, phone numbers and email addresses.
"What makes this serious is the number of people involved, the intimacy of the data that was taken and the long delay between the breach and discovery," former United States federal cybercrimes prosecutor Mark Rasch told Reuters.
"We deeply regret this incident happened," Marriott CEO Arne Sorenson said. "We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward."
The hotel giant reported an unauthorized attempt to access the Starwood guest reservation database on September 8. Marriott officials contacted leading security experts to determine what happened, who found the issue goes back to 2014.
Investigators discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it. On November 19, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database.
"Today, Marriott is reaffirming our commitment to our guests around the world. We are working hard to ensure our guests have answers to questions about their personal information, with a dedicated website and call center," Sorenson continued. "We will also continue to support the efforts of law enforcement and to work with leading security experts to improve. Finally, we are devoting the resources necessary to phase out Starwood systems and accelerate the ongoing security enhancements to our network."
The hack is being dubbed one of the largest in history, and is causing regulators in Britain and at least three U.S. states to launch investigations. Customers began being notified Friday of the potential issues associated with the potentially stolen data.
Marriott said it was too early to estimate the financial impact of the breach.
For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.
Topics From This Article to Explore
