Marriott has second massive data breach in 2 years; over 5 million guests compromised

Mar 31, 2020

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

On Tuesday, March 31, Marriott International disclosed that it suffered a data breach that likely affected more than 5 million guests.

According to a press release from Marriott, the breach began in mid-January 2020 and was discovered at the end of February 2020. Per the results of the company’s investigation, compromised data includes contact details (name, phone number, email address, mailing address); loyalty account information (passwords were not affected); additional personal details (birth date, gender, company); partnerships and affiliations (linked airline accounts and frequent flyer numbers) and preferences (language and room preferences).

For more TPG news delivered each morning to your inbox, sign up for our daily newsletter.

Marriott says that Bonvoy passwords, credit cards, driver’s license/national identification numbers, credit cards and passport information were not affected in this latest breach.

The chain sent emails to all involved parties, though if you want to check for yourself, you can do so through a portal that Marriott has set up. It will let you know if your data was involved in the breach and, if so, what specifically was affected.

If you were affected by this latest breach, you’ll notice that you’ll be required to change your Bonvoy account password upon logging in, and you’ll be asked to set up two-factor authentication to add a layer of security to your account. Marriott says that it’s working with the appropriate authorities regarding this situation.

How to protect yourself from a data breach

With incidences of cybercrime continuing to rise, it’s hard to stay ahead of the curve when it comes to your online information. However, there are some steps you can take to better safeguard your data.

Use identity-protection programs

For those who are affected by this incident, Marriott is offering one year of a complimentary information-monitoring service through IdentityWorks via Experian. U.S. residents can enroll here and those who live outside the U.S. and in participating countries enroll here.

There are other services on the market, like CompleteID (also offered through Experian) and LifeLock, that are available to all consumers and start at $9.99 per month, a small price to pay for data security.

Change your passwords

This always seems like a no-brainer, but this is one of the best ways to keep your information safe. In today’s world, there are an endless number of passwords to keep track of, so we recommend using a password manager like 1Password to keep it all straight for you. 1Password charges roughly $5 per month, and you can store and protect all the passwords for your entire family. It also works with biometric features on the Apple platform like TouchID and FaceID, adding another level of security for your passwords. Hackers are less likely to be able to figure out a unique, 25-character password with letters, numbers and symbols.

For another layer of security, enable two-factor authentication on all accounts that offer it.

Regularly check your accounts

It’s important to check your balances once a month (at the very least) to make sure you don’t see any fraudulent activity. A service like Award Wallet can also help track your balances for free.

Bottom line

This Marriott data breach marks the second in as many years for the world’s largest hotel chain. While this recent breach isn’t nearly as widespread or devastating as the last one that affected Marriott in 2018, it’s concerning that breaches that affect millions of guests continue to happen with some degree of frequency.

Perhaps we’ll crack the code on data security in the future but for now, it’s important to remain vigilant with your online data while cybercriminals still have the upper hand.

Chase Sapphire Preferred® Card

WELCOME OFFER: 60,000 Points

TPG'S BONUS VALUATION*: $1,200

CARD HIGHLIGHTS: 2X points on all travel and dining, points transferrable to over a dozen travel partners

*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.

Apply Now
More Things to Know
  • Earn 60,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $750 toward travel when you redeem through Chase Ultimate Rewards®
  • 2X points on travel and dining at restaurants worldwide & 1 point per dollar spent on all other purchases.
  • Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 60,000 points are worth $750 toward travel
  • Get unlimited deliveries with a $0 delivery fee and reduced service fees on orders over $12 for a minimum of one year on qualifying food purchases with DashPass, DoorDash's subscription service. Activate by 12/31/21.
  • Earn 5X points on Lyft rides through March 2022. That’s 3X points in addition to the 2X points you already earn on travel.
Intro APR on Purchases
N/A
Regular APR
15.99%-22.99% Variable
Annual Fee
$95
Balance Transfer Fee
Either $5 or 5% of the amount of each transfer, whichever is greater.
Recommended Credit
Excellent/Good

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.