Marriott discovered athat could have affected up to 500 million guests, the company said Friday.
Thegroup revealed that hackers compromised the guest reservation database of its Starwood division.
An internal investigation found that its network was first breached in 2014, and that “an unauthorized party had copied and encrypted information.” For around 327 million of those impacted, that data included names, addresses, phone numbers, emails, passport numbers and travel details.
Marriott noted that some of the stolen information also included payment card numbers and expiration dates. Even though this data is normally encrypted, the company said the encryption key data might’ve been stolen too.
“We fell short of what our guests deserve and what we expect of ourselves,” said Arne Sorenson, Marriott’s president and CEO, in a release.
“We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
: It’ll let you know if the website you’re visiting suffered a data breach.
: A vulnerability put the data of 50 million users at risk