Marriott
#41 largest data breach on record
January 1, 2018
3007 days ago
383.0M
Confirmed
Hacking
Hospitality
On Nov. 30, 2018, the world’s largest hotel chain issued an embarrassing notice that its servers were breached, leaving 500 million guest records in criminal hands. With the help of internal and external forensics and analytics teams, Marriott now knows that the number of affected customers is lower – albeit still high, by any standards.
“Working closely with its internal and external forensics and analytics investigation team, Marriott determined that the total number of guest records involved in this incident is less than the initial disclosure,” Marriott says in the update, posted to its news center Friday. “Also, the number of payment cards and passport numbers involved is a relatively small percentage of the overall total records involved,” the hotel chain said.
According to the updated news release, Marriott now believes 383 million guests may have been affected, a number it refers to as “the upper limit” for the number of guest records involved in the incident. The number could be lower, Marriott says, considering that many guests have multiple records.
The investigation has brought to light several other details as well. For example, approximately 5.25 million unencrypted passport numbers and 20.3 million encrypted passport numbers were among the records accessed by the intruder. Investigators found no evidence that the master encryption key was accessed, but they haven’t ruled it out either. Guests can contact Marriott’s call center and ask reps to look up their passport number to see if and how they are affected.
Around 8.6 million encrypted payment cards were involved in the incident, including 354,000 that were unexpired as of September 2018. Again, Marriott believes hackers have not accessed either of the components needed to decrypt the encrypted payment card numbers, but investigators are not ruling out this scenario either.
Notably, a small number of customers may be more affected than others because Marriott encrypted some form fields while leaving others unencrypted.