Personal data of more than 500 million people including credit card details, passport numbers, and date of birth has been hacked in a “colossal” hack of Marriott International, including the parent companies.
The company said they became aware of personal data or security breach early in September, but further investigations revealed that the unauthorized access to the database made way back in 2014.
The data obtained by the hackers varies by the customer to customer, but it included names, mailing addresses, phone numbers, email addresses, and passport numbers. Although the credit card numbers are encrypted, we are still not sure that the encryption keys were also stolen or not.
The company said reservations at its Starwood properties, which include the Sheraton Grand Park Lane and Le Méridien Piccadilly in London and the Sheraton Grand in Edinburgh, had been affected by the incident. The first breach was identified in Starwood reservation for guests in the US on 8 September.
Arne Sorenson, the president of Marriott International, said: “We deeply regret this incident happened. We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned for moving forward.”
MARRIOTT CYBER ATTACK: DATA BREACH OF 500 MILLION GUESTS LINKED TO CHINESE SPY AGENCY
The cyberattack previously happened on the Marriott Hotel chain which breached personal detail of almost 500 million guests. Tough, according to the investigations, it assumed to associate with the Chinese intelligence-gathering effort. Because it also hacked many more types of data including health and security clearance of Americans,
The hackers suspected of working on the instructions of the ministry of state security, and the civilian spy agency. This discovery came out when Trump administration was planning to target China’s trade, cyber and economic policies within days.
They are thinking to charge those Chinese hackers working under the intelligence services and the army, said four government officials who spoke on the condition of non-disclosing their name. Trump administration is also planning to derestrict the reports to cancel the effect in case the hackers reveal the identity of US government officials.
The hacking of the Starwood chain, which about to happen in September and not expected to associate with these arraignments.
Marriott eyes rebranding after a massive data breach
Marriott International announced a new loyalty program in order to replace the current loyalty brands after the data breach. However, the breach happened two to three years ago but revealed in Nov 2018.
They named the new program Marriott Bonvoy. And, it will replace current loyalty brands: Marriott Rewards, The Ritz-Carlton Rewards, and Starwood Preferred Guest. This restructuring considered the second rebranding since April 2018, when Marriott integrated Starwood Hotels and Resorts worldwide.
That specific Starwood program was the main reason which pushed the data breach reported in November 2018. Although, the number of affected individuals brought down from 500 million to 383 million unique guests. It included unencrypted 5.25 million and 20.3 encrypted passport numbers. According to the New York Times, this breach was one of the largest in history. Marriott is willing to pay for the new passports.