This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.

Marriott International said Friday the data of up to 500 million of its guests has been stolen from its Starwood guest reservation database. The data breach is likely one of the largest ever in US history.

The hotel chain, which is the world’s largest, said in a release on Friday that it was first alerted to the hack in September after receiving notification from an internal security tool that there was an attempt to access customers’ data. The company started an investigation and learned that hackers have had access to Starwood guest database since 2014.

For four years, the hackers stole and encrypted customers’ personal information, creating their own database of Starwood guests’ data. It took Marriott until Nov. 19 to decode most of the breached information.

For about 327 million guests, the hackers absconded with “some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preference,” Marriott said.

An undisclosed number of customers also had their payment card numbers and expiration dates breached. That information was encrypted in two parts, but the hotel chain said it can’t rule out that both were stolen and decoded.

For the remaining chunk of guests, the stolen information “was limited to name and sometimes other data such as mailing address, email address, or other information,” Marriott said.

“We are still investigating the situation so we don’t have a list of specific hotels. What we do know is that it only impacted Starwood brands,” Marriott spokesperson Jeff Flaherty told Reuters.

The hotel chain apologized to customers and has taken steps to address the security issues. Marriott is working with law enforcement on the breach. It also is providing affected customers with one free year of an information protection service, called WebWatcher. The company will start contacting affected customers by email on Friday.

Featured image by Roberto Machado Noa/LightRocket via Getty Images.

*This post has been updated with Marriott’s spokesperson’s comments.

The best beginner points and miles card out there.
Chase Sapphire Preferred® Card

With great travel benefits, 2x points on travel & dining and a 50,000 point sign up bonus, the Chase Sapphire Preferred is a great card for those looking to get into the points and miles game. Here are the top 5 reasons it should be in your wallet, or read our definitive review for more details.

Apply Now
More Things to Know
  • Earn 50,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $625 toward travel when you redeem through Chase Ultimate Rewards®
  • Chase Sapphire Preferred named "Best Credit Card for Flexible Travel Redemption" - Kiplinger's Personal Finance, June 2018
  • 2X points on travel and dining at restaurants worldwide & 1 point per dollar spent on all other purchases.
  • No foreign transaction fees
  • 1:1 point transfer to leading airline and hotel loyalty programs
  • Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 50,000 points are worth $625 toward travel
  • No blackout dates or travel restrictions - as long as there's a seat on the flight, you can book it through Chase Ultimate Rewards
Intro APR on Purchases
N/A
Regular APR
17.99% - 24.99% Variable
Annual Fee
$0 Intro for the First Year, then $95
Balance Transfer Fee
Either $5 or 5% of the amount of each transfer, whichever is greater.
Recommended Credit
Excellent Credit

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.