November 30, 2018 8:01 am
Updated: November 30, 2018 9:00 pm

Marriott says Starwood Hotel database hacked, could affect 500 million guests

WATCH: One of the biggest hacks in history has hit the world's biggest hotel chain. The data of up to 500 million Marriott customers have been compromised, and the breach dates back to 2014. Mike Drolet reports.


Marriott International said on Friday that a guest reservation database of its Starwood Hotel brand was breached, potentially exposing information on about 500 million guests.

The company said on Nov. 19, its investigation showed that an unauthorized party had copied and encrypted information, which contained guest information relating to reservations at Starwood hotels on or before Sept. 10. Starwood hotels include the Sheraton, Le Meridien, Four Points by Sheraton and W Hotels.

Story continues below

READ MORE: 3 steps to take if your credit information is stolen in a data breach

Officials from Marriott said Canadian customers are affected by the hack.

“Canadian customers who made reservations at a Starwood property are affected,” spokesperson Tracey Schroeder said in an email to Global News. “The investigation is ongoing and we will share more details as appropriate.”

Marriott said it quickly engaged leading security experts to help determine what happened and learned there had been unauthorized access to the Starwood network since 2014.

WATCH: Security experts say a massive data breach affecting some 500 million guests with the Starwood reservation system is a sign of the times. Tomasia DaSilva reports on the growing number of breaches and what you can do to protect yourself.

The company said it has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property.

For around 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

WATCH: Is your personal data becoming “weaponized?”

For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted, Marriott said.

The company said it had taken steps to rectify the situation.

Marriott was not immediately available for further comments.

If you think you have been affected, the Marriott has set up an website where more information is available. 

If you are worried that your credit card or other personal information has been stolen, experts say you should monitor your bank account to make sure there are no suspicious charges. If you see any, report it to your bank. You can also sign up for credit monitoring, which will alert you if there is any suspicious activity relating to identity fraud.



© 2018 Reuters

Report an error


Want to discuss? Please read our Commenting Policy first.