What to do if you're affected by the Marriott data breach

Marriott says the hack affects its Starwood reservation database, potentially exposing the personal information of approximately 500 million guests.

Posted: Nov 30, 2018 8:46 AM

If you've stayed at a Starwood hotel in recent years, there's a good chance you've been impacted by a massive data breach that potentially exposed the personal data of about 500 million guests.

Marriott — which owns Starwood hotels such as the St. Regis and the Westin — on Friday disclosed that the Starwood guest reservation system had been hacked, in a breach dating back to 2014.

For 327 million people, Marriott says, the exposed information includes names, phone numbers, email addresses, passport numbers and dates of birth. For millions of others, credit card numbers and card expiration dates were potentially compromised. This kind of information could be used to steal your identity and open bank accounts, credit cards or loans in your name.

It's the second biggest corporate data breach in history, behind one involving Yahoo, which said last year that 3 billion accounts among several of its brands were compromised.

Marriott said it will start emailing users who were impacted and it has set up a website with information about the breach.

In the meantime, here's what you can do to protect yourself:

1. Change your password

Marriott says guests should change their passwords regularly and pick ones that aren't easily guessed. This can prevent future account hacking. For example, instead of a common phrase, choose a combination of four or more unrelated words with numbers, characters and a mix of upper and lower-case letters.

You should also have different passwords for all the services you use.

2. Monitor your accounts for suspicious activity

Marriott recommends customers keep an eye on their Starwood Preferred Guest account for any suspicious activity. Members should also check their bank, retirement, and brokerage accounts, as well as credit card statements to look for any unauthorized transactions.

3. Open a separate credit card for online transactions

Yair Levy, a cybersecurity and information systems expert at Nova Southeastern University, recommends having a credit card dedicated to online shopping. This makes it easier to track transactions and spot fraudulent activity.

If that credit card is compromised, you also won't have to update automatic payments for things like bills.

4. Be vigilant

Experts caution internet users to be wary of "phishing" attempts by bad actors looking to steal your data, including through bogus emails, fake links and fraudulent websites. On its informational website about the hack, Marriott reminded members the company will not ask you to provide your password by phone or email.

59° wxIcon
Hi: 67° Lo: 54°
Feels Like: 59°
60° wxIcon
Hi: 70° Lo: 53°
Feels Like: 60°
59° wxIcon
Hi: 65° Lo: 48°
Feels Like: 59°
56° wxIcon
Hi: 54° Lo: 33°
Feels Like: 56°
Red Bluff
56° wxIcon
Hi: 66° Lo: 50°
Feels Like: 56°
57° wxIcon
Hi: 70° Lo: 48°
Feels Like: 57°
Clouds shrouded northern California today, but we didn't receive much rainy weather for all the gray. Light showers are possible through tonight. The clouds will stay through midday tomorrow, followed by a clearing of our sky.
KHSL Severe
KHSL Radar
KHSL Temperatures

Community Events