Skip to main content

Passport And Credit Card Numbers Stolen In Marriott Hack

By January 19, 2019June 2nd, 2022Cybersecurity

Recently, Marriott Hotels informed the world that they had been the victims of a massive data breach.  As it turns out, the breach was even more serious than was initially reported.

As the company has learned more from the ongoing investigation into the matter, they’ve been doing an admirable job at keeping the public updated, even if the details are cringe-worthy.

According to the latest information, the breach of the Starwood Preferred Guest database impacted up to 383 million travelers, which is fewer than the company’s initial estimate of up to 500 million.  Unfortunately, that’s the only bit of good news.

While the company initially downplayed the amount of information that was taken, they’re now saying that both credit card numbers and expiration dates were compromised.  They underscored that the data was encrypted, but they also admit that they don’t yet know if the components needed to de-crypt the data in a timely fashion were also compromised.  Even if they weren’t, a determined hacker could still de-crypt the information, putting every one of those card numbers at risk.

On top of that, the company has now confirmed that as many as 5.25 un-encrypted passport numbers were taken, along with more than twenty million encrypted passport numbers.

If you’re just hearing about this breach for the first time, the above is in addition to the company’s initial report that more than 327 million guests had non-payment information stolen.

The initial report included:

  • Customer name
  • Address
  • Phone numbers
  • Email addresses
  • Dates they stayed at Marriott hotels, along with departure dates
  • SPG account information
  • Date of birth
  • Gender
  • Other Similar Data

In short, before the most recent update, it was a serious breach by any definition.  The inclusion of payment and passport information makes it even more so, even if the total number of impacted users is less than was originally estimated.

We’ll post further updates if and as they become available.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.