If you're among the 500 million Marriott International guests whose personal data have been compromised by the massive four-year breach of personal information, then you need to act now to minimise the exposure.
Who does it affect?
The data breach directly affects between 327 million and 500 million guests who booked into Marriott's Starwood properties between 2014 and September 10, 2018.
Starwood properties impacted are Aloft, Design Hotels, Element, Four Points by Sheraton, Le Méridien, Sheraton, St. Regis, The Luxury Collection, Tribute Portfolio, W Hotels and Westin.
What personal information was hacked?
For most guests, around 327 million who booked through Marriott, the information will be a combination of name, date of birth, mailing address, phone number, email address, passport number, Starwood Preferred Guest (SPG) account information, gender, arrival and departure information, reservation date, and communication preferences.
For others, the information also includes payment card numbers and payment card expiration dates. There are two components needed to decrypt payment card points, but Marriott cannot yet confirm whether both were taken.
What could be the impact?
As the data breach was so broad, deep and wide, experts are warning affected guests could be victim to phone scams, phishing attempts and even financial fraud. For those that had passport numbers breached, there could be a risk of identity theft.
I'm affected, what can I do?
To minimise the chances of falling victim to what has been described as the biggest breach since the Yahoo hack of 2013, which impacted three billion accounts, here are five tips to keep you out of any potential criminal's clutches:
Change passwords: One of the first elements to deal with is changing your passwords if you believe you may have been a victim of any data breach. Ensure you change your password, mainly if you only use one for multiple platforms and places.
Monitor accounts: As the breach occurred in 2014, it's a good idea to double-check all your financial statements to ensure you haven't unwittingly lost any money. Get into the habit of checking your accounts every few days to be doubly sure, and if your fears have been realised, get in touch with your credit card operator or bank urgently. You may even be able to put a block on accounts until you are satisfied the accounts are clean. Change the password to your online credit card account
Keep an eye out for phishing attempts: With hackers having harvested personal information, phishing attempts will look more genuine. Consider against clicking on emails that may come from Marriott or Starwood hotels if they don't seem genuine, as criminals will now try to take advantage of this by sending phishing emails.
Use Multi-factor Authentication: Utilise a second step of data protection, such as an SMS text, to counter the chance of someone having obtained a breached password. Even so, change the password.
Use Marriott's hand of help: Don't dismiss Marriott's help, even if you feel angry and frustrated at the potential breach. Marriott has established a dedicated call centre to answer questions over the data breach and has also sent an email on November 30, 2018, to affected guests whose email addresses are in the Starwood guest reservation database.
It is also giving guests the chance to enroll through WebWatcher free of charge for a year. WebWatcher monitors interest sites where personal information is shared and generates an alert to the consumer if evidence of the consumer’s personal information is found.
What does Marriott say about the breach?
“We deeply regret this incident happened,” said Arne Sorenson, Marriott’s President and Chief Executive Officer. “We fell short of what our guests deserve and what we expect of ourselves.
"We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
Andy Probert left the British rat race after a 25 year as a journalist and PR specialist to live in Turkey and now Cyprus, a compulsive traveller his favourite places include Vietnam and India among many. Among the travel Andy continues to write freelance and still maintains a PR client base.