Marriott says its Starwood database was hacked on approximately 500 million guests

Marriott International Inc. has been investigating a hack involving unauthorized access to the guest reservation database at its Starwood unit since 2014, in what may be one of the biggest such data breaches.
The attack involved 500 million guests and included some passport numbers and credit card information.

Key Insights

  • Hack may rank only below Yahoo as one of the biggest of personal data. Yahoo suffered a 2013 security breach that exposed all 3 billion of its users at the time.
  • Attack troubling because of the amount of details potentially stolen by the attackers. In 2017 an attack on Equifax Inc. that may have affected about 143 million U.S. customers, also included social security numbers, birth dates, and credit card numbers for about 209,000 consumers.
  • Regulators and consumers have been stepping up their action against companies who’ve suffered security breaches.

Market Reaction

  • Shares slumped after the news.

Get More

  • Marriott database contained guest information relating to reservations at Starwood properties on or before Sept. 10, 2018. For about 327 million guests, the data included passport numbers, emails and mailing addresses.
  • For some, it also included payment card details, said Marriott, which didn’t identify who the perpetrators might be
  • Marriott said it reported the incident to law enforcement and continues to support their investigation. The company has already begun notifying regulatory authorities