Story image

Marriott sets up call centres to answer questions on data breach

17 Dec 18

Marriott has released an update on the breach of the Starwood guest reservation data breach which affected 500 million guests.

When investigating the incident, Marriott learned that there had been unauthorised access to the Starwood network since 2014.

It discovered that an unauthorised party had copied and encrypted information, and took steps towards removing it.

On November 19, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database.

The breach, reported on December 3, included some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

Dedicated call centre

Marriott has set up a dedicated website and call centre to answer its customers’ questions about their personal information and the data breach.

The call centre is available in multiple languages and Marriott warned that they would be likely to experience high call volumes initially.

Email notification

Marriott also reported that it began sending emails on a rolling basis on November 30 to affected guests whose email addresses are in the Starwood guest reservation database.

Free identity monitoring

In certain countries and regions, Marriott is offering affected guests the opportunity to enrol in a personal information monitoring service free of charge for one year.

This will be provided by Experian, a global data and information service provider.

This service (IdentityWorks Global Internet Surveillance) is available to residents of Australia, Brazil, Germany, Hong Kong, India, Ireland, Italy, Mexico, New Zealand, Poland, Singapore, Spain and the Netherlands.

IdentityWorks Global Internet Surveillance monitors whether a user’s personal data is available on public websites, chat rooms, blogs, and non-public places on the internet where data can be compromised, such as "dark web" sites, and generates an alert to if evidence of their personal information is found.

This is an optional service, and how much information users want to include in the identity monitoring is completely at their discretion.

Starwood properties impacted include:

  • Westin
  • Sheraton
  • The Luxury Collection
  • Four Points by Sheraton
  • W Hotels
  • St. Regis
  • Le Méridien
  • Aloft
  • Element
  • Tribute Portfolio
  • Design Hotels 

At the time of the disclosure, Marriott president and chief executive officer Arne Sorenson said, “We deeply regret this incident happened.”

“We fell short of what our guests deserve and what we expect of ourselves. 

“We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.
Carbon Black: What does cybersecurity have in store for 2019?
Tom Kellerman has shared five insights for the year ahead, including a particularly bold one.
Hands-on review: The Ekster Wallet protects your cards against RFID attacks
For some time now, I’ve been protecting my credit cards with tinfoil. The tinfoil hat does attract a lot of comments, but thanks to Ekster, those days are now happily behind me.
Report on SingHealth breach condemns poor security practices
The 2018 Singapore SingHealth data breach was poorly managed and riddled with vulnerabilities from the start.
Tesla wants people to hack its Model 3
Tesla is offering white hat hackers what could be the chance of a lifetime – the opportunity to hack one of its Model 3 vehicles.
How to tackle cyber threats in your home
How should you start securing your devices? The company has provided tips for actions you can take across social media, home routers, TVs, and many more.
Endace joins IBM Security app exchange community
EndaceProbe Network Analytics Platform captures, indexes, and stores network traffic while hosting a variety of network security and performance monitoring applications.
Datto names new CEO as founder steps back
Austin McChord continues as a board member as the former president and COO takes over as CEO.