Marriott November 2018 data breach: Everything you need to know
By now, you've probably heard about the recent Marriott data breach. It's a story that's been making the rounds like a crazy, as it should seeing as how it's one of the worst corporate data breaches to ever happen.
Whether you're a concerned Marriott customer or just want to stay informed about what's going on, here's everything you need to know.
What happened
On November 30, 2018, Marriott announced that a group of hackers obtained "unauthorized access" to the reservation system of its Starwood locations — a collection of hotels that the company purchased in 2016 which includes names like W Hotels, Sheraton, Westin, and St. Regis.
The hackers have had access to the system since 2014, but Marriot didn't find out until September 8, 2018, when it "received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database in the United States." Despite learning about this in September, an announcement wasn't made until today.
Here's what Marriot said in a press release:
Of that 500 million, the following information was exposed for 327 million people:
- Names
- Phone numbers
- Email addresses
- Passport numbers
- Date of birth
- Arrival and departure info
For everyone else, it's possible that credit card numbers and their expiration dates were obtained. Marriott notes that it can't 100% confirm whether or not the card numbers were decrypted, but that's obviously still not good either way.
Be an expert in 5 minutes
Get the latest news from Android Central, your trusted companion in the world of Android
The company's CEO and President, Arne Sorenson, responded to the situation with the following statement:
What Marriott is doing
Marriot has reported the incident to the authorities, and in the meantime, is sending emails to anyone that's been affected. You can visit this website for further information, and if you'd like to speak with a real person from Marriott about the matter, you can contact a dedicated call center. The number for the center is 877-273-9481 in the United States, and you can view the numbers for other countries on the site, too.
In addition to this, Marriot is also providing its guests with access to a free WebWatcher membership. WebWatcher is a personal information monitoring tool and has apps for Android, iOS, Windows, and Mac.
What you can do to stay safe
Any data breach needs to be taken seriously, but this one could prove to be especially damning.
Change as many online passwords as you can, get a new credit/debit card, and possibly consider changing your email address and phone number. Those may sound like drastic steps, but with so much data being exposed for so many people, you can never be too safe in a situation like this.
On the technical side of things, now's a good time to start using both a password manager and two-factor authentication if you aren't already. We have a few links below to help you get started.
Password managers
- Best Password Manager For Android
- Best password manager apps for iPhone and iPad
- Best password manager apps for Mac
- Best password manager for Windows
Two-factor authentication
Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.