Marriott International, which encompasses a portfolio of more than 6,700 properties in 30 leading hotel brands spanning 129 countries, announced on Nov. 30 that a “data security incident” involving its Starwood guest reservation database, had been discovered. Additionally, Marriott said that unauthorized access to the database had been occurring since 2014.
Marriott International, which encompasses a portfolio of more than 6,700 properties in 30 leading hotel brands spanning 129 countries, announced on Nov. 30 that a “data security incident” involving its Starwood* guest reservation database, had been discovered. Additionally, Marriott said that unauthorized access to the database had been occurring since 2014.
According to a company-issued statement, the incident was discovered Sept. 8 of this year and could affect approximately 500 million guests who made a reservation at a Starwood property since 2014.
For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some, the information also includes payment card numbers and payment card expiration dates, but the payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128). There are two components needed to decrypt the payment card numbers, and at this point, Marriott officials say they have not been able to rule out the possibility that both were taken. For the remaining guests, the information was limited to name and sometimes other data such as mailing address, email address, or other information.
Marriott officials say that the incident has been reported to law enforcement and regulatory authorities have been notified.
According to the statement, Marriott has taken the following steps to help guests monitor and protect their information:
Dedicated Website and Call Center
A dedicated website (info.starwoodhotels.com) and call center has been established to answer questions guests may have about this incident. The frequently-asked questions on info.starwoodhotels.com may be supplemented from time to time. The call center is open seven days a week and is available in multiple languages.
Marriott began sending emails on a rolling basis starting Nov. 30 to affected guests whose email addresses are in the Starwood guest reservation database.
Free WebWatcher Enrollment
Marriott is providing guests the opportunity to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found. Due to regulatory and other reasons, WebWatcher or similar products are not available in all countries. Guests from the United States who activate WebWatcher will also be provided fraud consultation services and reimbursement coverage for free.
* Starwood brands include: W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels. Starwood branded timeshare properties are also included.
As your trusted advisor, Nusenda Credit Union is monitoring the situation and will notify you if we detect suspicious activity on any of your accounts. To date, we have not identified any member-related fraud related to this breach, but members should review their statements to confirm that listed transactions are valid via Internet Banking or the Mobile Banking app, and notify us immediately of any unauthorized transactions at 889-7755 (800-347-2838 outside the Albuquerque area).
For more information on how we protect member financial information, visit our Account Security page. As a reminder, all transactions made with your credit union debit or credit cards are protected by Visa’s Zero Liability policy, which protects you from fraudulent charges.