Hotel giant Marriott has confirmed that the details of up to 500 million guests of its Starwood group hotels may have been accessed in a massive data breach.
The American company said in a statement that it detected a potential hack on 19 November and that its investigation had identified a huge tranche of customer data as being vulnerable.
It said in a statement: “The company has not finished identifying duplicate information in the database, but believes it contains information on up to approximately 500 million guests who made a reservation at a Starwood property.”
Which hotels are affected?
Marriott owns Starwood, which includes W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts among its brands.
Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels, and Starwood branded timeshare properties are also included, the company said.
Are Britons affected?
HuffPost UK asked Marriott for more information on whether Britons who have used its hotels are affected – given the volume of data involved, said to be 500 million guests – it seems highly likely.
Customers should check the email addresses they used to book hotel rooms, as those who are affected will be notified by email.
What is the company doing about it?
Marriott has reported the breach to police and has begun notifying regulators.
“We deeply regret this incident happened,” Arne Sorenson, Marriott’s president and CEO, said. “We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
A press statement added that customers affected by the hack can access a special helpline and website, as well as receive data protection software free for one year.
The breach could become one of the biggest thefts of personal data since Yahoo! confirmed three billion users of its email business had been hacked in 2013.