Marriott Data Breach: How 500 Million People Might Be Affected

Posted on by David Lukic in Data Breaches October 16, 2020

Marriott Hotels were the target of a four-year-long data breach that ultimately affected 500 million guests.The Marriott data breach gave the hackers entry to the Marriott reservation system, thus infiltrating all Marri ott’s Starwood subsidiaries. On the heels of the Yahoo data breach, the Marriott hack is another large-scale loss. Along with personal details stolen, hackers grabbed credit card numbers, phone numbers, passport numbers, dates of birth, and arrival and departure dates. This data breach is particularly sensitive because of the added component of travel records stolen indicating who traveled where, when, and with whom. 

When Was the Marriott Data Breach?

Marriott Data Breach

The Marriott hotel data breach occurred sometime during 2014 and continued until 2018 when it was discovered and reported around September 8, 2018. Cybersecurity experts reviewed the hotel chain’s security protocols and found them lacking, thus why perpetrators were able to continue accessing data for four years. High ranking officials fear that this Marriot hack was instituted by a foreign nation looking to monitor travel plans for diplomats and other government officials. No official statement has been made and no arrests to date, but there are hints that China was involved. 

Marriott hotel Data Breach: Am I Affected? 

If you were one of the 500 million guests affected, you should have received a letter from Marriott explaining what to do. You can also contact Marriott directly for additional information. Unfortunately, there is no online method of checking to see if your data was affected by this breach. There are a few class-action lawsuits in the works, but it is doubtful that there will be any type of cash payout for victims. 

What You Should Do After The Marriott Data Breach

If your data was among the 500 million customers affected by Marriott’s data breach, you would want to make some changes quickly.

  • First, change all your online login passwords and use complex combinations of letters, numbers, and symbols.

  • Monitor your banking and credit card information scouring for any suspicious activity.

  • Be on the lookout for phishing emails. Whenever a data breach occurs, one of the ways cybercriminals dig in deeper is to use scam emails to get users to click a link or download a file that infects their computer with a virus or malware.

  • Never click any links in email or download attachments unless you know the sender.

  • If you incurred losses, contact Marriott for additional compensation. 

Marriott Hotel Data Breach Insurance: They are Paying For Passport Fees?

If you can prove identity theft or fraudulent activity as a direct result of the loss of your passport number due to the Marriott Starwood data breach, they are willing to reimburse you for the fee to have a new passport created. You must contact them directly to obtain details. The Starwood Corporation, which purchased Marriott Hotels, has this website to help with any questions and details of the breach:

Can My Personal Information From Marriott Hack be Used for Identity Theft?

Unfortunately, the vast treasure trove of information stolen by cybercriminals during the Marriott hacking incident is more than enough for identity theft. Personal details like dates of birth, passport numbers, and other sensitive information most likely made its way to the dark web and were sold for the purpose of identity theft, hacking, or perpetrating ransomware. 

Steps to Protect Yourself against Identity Theft

It’s much easier to protect yourself against identity theft than clean it up later. There are a few precautions you can take now and ongoing routines to help keep you safe.

  • Sign up for credit monitoring service. is an excellent choice for this service) and check for any suspicious activity.

  • Update your antivirus software and run deep scans often.

  • Consider a credit freeze where your identity cannot be used to open new accounts without your authorization. 

Finding and resolving identity theft issues is easier if you stay on top of all your accounts regularly.

About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in the fina... Read More

What is an Accidental Web Exposure and How to Prevent Data Leakage

Data breaches take many forms, and one of them is through accidental web exposure and data leakage. Milli... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, 2015 an... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. What start... Read More

Scan Your Records for Breaches, Leaks & Exposures!