The personal information of 500 million people staying at Starwood hotels may have been exposed in a massive data breach.
Marriott International, the US hotels giant which operates about 6,500 hotels in 127 countries, said on Friday that customer details were exposed following a hack on its Starwood room reservation database that had been ongoing since 2014.
For about 327 million of the 500 million affected, data exposed could include mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences.
“Marriott values our guests and understands the importance of protecting personal information. We have taken measures to investigate and address a data security incident involving the Starwood guest reservation database,” the company said in statement on Friday.
“Marriott is working hard to ensure our guests have answers to questions about their personal information with a dedicated website and call center.”
Over the weekend, US Senator Chuck Schumer called for Marriott to cover the US $110 (AU$152, UK£80) new passport fee for anyone who’s information was compromised.
While Marriott believes the chance of hackers using passport numbers “is very low”, the hotel giant announced it will pay for new passports, as long as customers can prove fraudulent activity took place.
However, the U.S. State Department announced Monday that guests whose passport number was hacked in the data breach should not apply for a new passport or report their number stolen unless the physical copy of the passport was actually lost or stolen.
Marriott is also offering those who were hacked a year of free personal information monitoring from Kroll — a risk consulting firm.
Starwood operates hotels under the names: W Hotels, St Regis, Sheraton Hotels and Resorts, Westin Hotels and Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Meridien Hotels and Resorts, Four Points by Sheraton and Design Hotels.
Marriott has set up a website and call centre for anything who thinks that they are at risk.