ads

Friday, November 30, 2018

Marriott says 500 million Starwood guest records stolen in massive data breach

Starwood Hotels has confirmed its hotel guest database of about 500 million customers has been stolen in a data breach.

The hotel and resorts giant said in a statement filed with U.S. regulators that the “unauthorized access” to its guest database was detected on or before September 10 — but may have dated back as far as 2014.

“Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014,” said the statement. “Marriott recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it.”

Specific details of the breach remain unknown. We’ve contacted Starwood for more and will update when we hear back.

The company said hat it obtained and decrypted the database on November 19 and “determined that the contents were from the Starwood guest reservation database.”

Some 327 million records contained a guest’s name, postal address, phone number, date of birth, gender, email address, passport number, Starwood’s rewards information (including points and balance), arrival and departure information, reservation date, and their communication preferences.

Starwood said an unknown number of records contained encrypted credit card data, but has “not been able to rule out” that the components needed to decrypt the data wasn’t also taken.

“Marriott reported this incident to law enforcement and continues to support their investigation,” said the statement.

Marriott-owned Starwood the largest hotel chain in the world, with more than 11 brands covering 1,200 properties, including W Hotels, St. Regis, Sheraton, Westin, Element and more. Starwood branded timeshare properties are also included. The company said that its Marriott hotels are not believed to be affected as its reservation system is “on a different network.”

The company has begun informing customers of the breach — including in the U.S., Canada, and the U.K.

Given that the breach falls under the European-wide GDPR rules, Starwood may face significant financial penalties of up to four percent of its global annual revenue if found to be in breach of the rules.

Gift Guide: The best security and privacy tech to keep your friends safe



from TechCrunch https://ift.tt/2KILpWB
via IFTTT
at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Dive into the Horrors: PvZ Battle Against the Nightmares

https://www.modcraftforge.com/minecraft/horrrs-pvz?pub=596582 If you're a fan of both PvZ (Plants vs Zombies) and Minecraft , get ready...

  • Max Q: Psyche(d)
    In this issue: SpaceX launches NASA asteroid mission, news from Relativity Space and more. © 2023 TechCrunch. All rights reserved. For pers...
  • What’s Stripe’s deal?
    Welcome to  The Interchange ! If you received this in your inbox, thank you for signing up and your vote of confidence. If you’re reading th...
  • Max Q: Anomalous
    Hello and welcome back to Max Q! Last week wasn’t the most successful for spaceflight missions. We’ll get into that a bit more below. In th...