Back in November we told you about a compromise with Marriott and Starwood, Data Breach. Per new press release, “Marriott today is providing an update on the number of guests whose passport numbers and payment card numbers were involved in the Starwood reservations database security incident announced by the company on November 30, 2018.”
Marriott Provides New Update On Data Breach
As reported by Marriott press release:
Number of Guests impacted:
Marriott now believes that the number of potentially involved guests is lower than the 500 million the company had originally estimated. Marriott has identified approximately 383 million records as the upper limit for the total number of guest records that were involved in the incident. This does not, however, mean that information about 383 million unique guests was involved, as in many instances, there appear to be multiple records for the same guest.
Passport Information impacted:
Marriott now believes that approximately 5.25 million unencrypted passport numbers were included in the information accessed by an unauthorized third party.
Credit Card Information impacted:
Marriott now believes that approximately 8.6 million encrypted payment cards were involved in the incident. Of that number, approximately 354,000 payment cards were unexpired as of September 2018.
Marriott continues to offer the following services to help guests monitor and protect their information:
Dedicated Website and Call Center
Marriott has established a dedicated website (https://info.starwoodhotels.com) and call center to answer questions guests may have about this incident. The frequently asked questions on https://info.starwoodhotels.com have been updated and may be further supplemented from time to time. The call center is open seven days a week and is available in multiple languages.
Free Web Monitoring
Guests from countries and regions listed on the site have the opportunity to enroll in web monitoring services free of charge for one year. Please visit https://info.starwoodhotels.com and click on Free Identity Monitoring to learn more.
It’s pretty disappointing that the passport numbers were mostly not encrypted. Unfortunately, this happens all too often these days.