A massive data breach has just been announced by Marriott International which affects nearly 500 million guest records. The scale of the database hack is alarming because it stretches back several years.

The company stated that an investigation revealed unauthorized access to information since 2014 from its Starwood group which was acquired in 2016. That includes hotel brands such as Sheraton, Westin, and W Hotels.

It was found that for roughly 327 million, the breach includes “combination” of guest names, birth dates, passport details, email address, mailing address, phone numbers, gender, and for some, payment information. Although encryption was used for the database, Marriott has indicated it is highly probable that decryption information was also stolen.

In a press release on the company’s website, Marriott President and CEO Arne Sorenson issued an apology:

“We deeply regret this incident happened. We fell short of what our guests deserve and what we expect of ourselves.  We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

Law enforcement has been notified and security experts continue to investigate and assess the level of damage done by the breach. So far, they have not identified those responsible for the breach.

Beginning November 30, Marriott will send out emails to affected guests notifying them of the breach. To address concerns, they have also launched a dedicate website – info.starwoodhotels.com – and reiterate that the customer service number is available 24/7 to answer questions. That number is 800.721.7033.

Marriott is offering fraud protection enrollment to guests where it is available in their country. If you know or believe your personal information was affected, you are urged to reach out to the company with your concerns. Learn more by clicking on the video below!