- Office of Consumer Affairs and Business Regulation
Over 500 million people may have been impacted by a data breach affecting the Marriott’s Starwood hotels guest reservation system. Marriott International, which owns the former Starwood brand hotels, says that in early September, an alert from a security tool provided notification that an intruder was attempting to access the guest reservation database. An investigation followed, and Marriot discovered that there has been unauthorized access to the Starwood network since 2014.
There are 122 Starwood hotels in Massachusetts, with 6 locations in Boston. On Friday, the company stated that compromised information includes mailing addresses, phone numbers, email addresses, passport numbers, birth date, gender, details of the date and time of their stays and Starwood Preferred Guest account information. It is possible credit/debit card numbers and expiration dates were also accessed, however, Marriott is unsure if the encryption components needed to decrypt the payment card numbers were taken as well.
While Marriott is still investigating the extent of the breach, the company has agreed to cover the fees associated with obtaining a replacement passport if they determine customers have been victims of fraud.
If you have stayed at one of the Marriott Starwood Hotels and think you may have been affected, a website and call center has been set up. Marriott has also begun sending emails to guests whose email addresses are in the reservation database.