This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.
Just a few months after Marriott unveiled to the world that much of its guest data had been compromised in one of the worlds largest-ever data breaches, guests are now learning what specific information was taken by hackers. Marriott has said that the information of up to 383 million userswas stolen from the Starwood databases in a breach that lasted from 2014 through late 2018.
Personal information like birth dates, addresses, loyalty program numbers and travel details were lifted from Starwood’s system, but most notably up to 19 million passport numbers were stolen — information that’s incredibly sensitive, and could lead to identity theft.
In mid-February, Marriott released a form that allowed guests to request what parts of their personal information may have been exposed in the breach. On Wednesday, the hotel chain has started sending out the results of the inquiries. TPG Executive Editorial Director Scott Mayerowitz and Senior Writer JT Genter both received a response revealing what Marriott says was stolen. Here’s the letter sent to Genter:
Dear John Genter,
We are in receipt of your inquiry regarding whether your personal data was involved in the recent Starwood Guest Reservation Database security incident. Based on the information you provided to us, we believe that your information was involved. Following our analysis, we believe that the following information about you was involved in the incident:
* Birthday (Month and Day Only)
* Address Information
* Primary Email Address
* Primary Phone Number
* Other Phone Information
* Starwood Preferred Guest (SPG) Number
* Starwood Preferred Guest (SPG) Loyalty Status and Balances
* Guest Frequent Traveler Program Information
* Starwood Executive Traveler Number
* Guest Opt-In Preferences
* Email Communication Preferences
* Reservation Details
* Central Starwood Unique Record Locator
* Employed at Starwood (Y/N)
* Record History Information
Where available in your country/region, Marriott is offering affected guests the opportunity to enroll in a personal information monitoring service free of charge for one year. More information about this service can be found at info.starwoodhotels.com. If you have further questions or requests regarding this information, please contact us through this portal. You will continue to have access to this request for the next 30 days.
Marriott Privacy Center
Results reveal that both Genter and Mayerowitz had large amounts of information taken. Marriott still does not know who was responsible for the attack.
In testimony to the US Senate last week, Marriott CEO Arne Sorenson said that Marriott believes 19 million passport numbers were stolen, and thinks about five million of those passport numbers were unencrypted, making them highly vulnerable to being compromised. Marriott has said it will pay for new passports of travelers who were affected by the data breach. Nine million encrypted credit card numbers were stolen, but only a small percentage of those were unencrypted.
Sorenson added that Marriott is using a third-party service to track the stolen data and so far it believes none of the stolen information has appeared on the internet or dark web. If you were affected by the hack, see TPG‘s guide on what to do to protect yourself, including using Marriott’s third-party tool to track if your information appears anywhere. It’s worth noting that Sorenson has said that data of guests’ traveling companions were likely compromised too.
Featured image by Shutterstock.com
Know before you go.
News and deals straight to your inbox every day.
NEW INCREASED OFFER: 60,000 points! With great travel benefits, 2x points on travel & dining and a 60,000 point sign up bonus worth up to $1,200 in value, the Chase Sapphire Preferred is a great card for those looking to get into the points and miles game. Here are the top 5 reasons it should be in your wallet, or read our definitive review for more details.
- Earn 60,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $750 toward travel when you redeem through Chase Ultimate Rewards®
- Chase Sapphire Preferred named "Best Credit Card for Flexible Travel Redemption" - Kiplinger's Personal Finance, June 2018
- 2X points on travel and dining at restaurants worldwide & 1 point per dollar spent on all other purchases.
- No foreign transaction fees
- 1:1 point transfer to leading airline and hotel loyalty programs
- Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 60,000 points are worth $750 toward travel
- No blackout dates or travel restrictions - as long as there's a seat on the flight, you can book it through Chase Ultimate Rewards