- Hotel chain Marriott has suffered a large-scale data breach that may have affected private data of up to 500 million users.
- The attack started in 2014, and it may be the second largest data breach in history after Yahoo.
- The stolen data has not appeared in dark web forums yet which may hint at the target being committed by competitors.
Hackers breached the Marriott Starwood Guest Reservation Database that contained private data of up to 500 million customers of the hotel chain. The information includes names, address, credit card information and in some cases passport numbers. Surprisingly, the stolen data is not up for sale in forums and dark web websites which indicates the data was stolen for intelligence purposes.
The Yahoo incident that happened in 2013 is the only security breach in history that trumps Marriot. Despite security measures being in place, attackers manage to find exploits to break into the biggest companies in the world proving that our information is not safe on the internet.
The hotel group revealed in an official statement that it “learned during the investigation that there had been unauthorized access to the Starwood network since 2014. The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it. On November 19, 2018, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database.”
The attacks on Marriot’s Starwood database coincides with other breaches that occurred at government agencies and health insurers in America. It is currently unknown if the attacks are connected to each other as of now. All users who made reservations at Marriott-owned Starwood hotels between 2014 to September 2018 have been affected.
A dedicated website has been set up by Marriott along with a call center that guests can connect to. All affected customers were contacted on Friday to be notified about the breach. Marriott’s president and chief executive has apologized to all patrons about the issue.