Data Breach

Marriott International (Starwood) Data Breach

500.0M records exposed • July 2014

Chinese government hackers broke into Starwood Hotels' system and stayed hidden for four years. When Marriott bought Starwood, they inherited the breach without knowing. By the time anyone noticed, hackers had access to 500 million guests' data—one of the largest breaches ever. They got passport numbers, travel histories, and payment info.

What Happened

Attackers had access to Starwood's reservation system for four years before Marriott acquired Starwood in 2016. The breach wasn't discovered until 2018, affecting up to 500 million guests. The attack was attributed to Chinese state-sponsored hackers conducting intelligence gathering. Marriott was fined £18.4 million by the UK ICO.

Attack method: Advanced persistent threat - network compromise

What Data Was Exposed

  • Names
  • Email addresses
  • Phone numbers
  • Passport numbers
  • Dates of birth
  • Starwood Preferred Guest numbers
  • Arrival and departure information
  • Encrypted payment card numbers

What to Do If You're Affected

  1. Check if you were a Starwood guest before September 2018
  2. If your passport number was exposed, monitor for misuse or consider replacement
  3. Change passwords for Marriott/Starwood accounts
  4. Monitor credit card statements for cards used at Starwood properties
  5. Enroll in Marriott's free WebWatcher identity monitoring
  6. Be alert for targeted spear-phishing using travel data

Lessons for Businesses

  • M&A due diligence must include thorough security assessments
  • Nation-state actors are interested in travel and hospitality data
  • Breaches can go undetected for years without proper monitoring
  • Inherited systems may contain inherited compromises
