Story image

Marriott sets up call centres to answer questions on data breach

17 Dec 18

Marriott has released an update on the breach of the Starwood guest reservation data breach which affected 500 million guests.

When investigating the incident, Marriott learned that there had been unauthorised access to the Starwood network since 2014.

It discovered that an unauthorised party had copied and encrypted information, and took steps towards removing it.

On November 19, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database.

The breach, reported on December 3, included some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

Dedicated call centre

Marriott has set up a dedicated website and call centre to answer its customers’ questions about their personal information and the data breach.

The call centre is available in multiple languages and Marriott warned that they would be likely to experience high call volumes initially.

Email notification

Marriott also reported that it began sending emails on a rolling basis on November 30 to affected guests whose email addresses are in the Starwood guest reservation database.

Free identity monitoring

In certain countries and regions, Marriott is offering affected guests the opportunity to enrol in a personal information monitoring service free of charge for one year.

This will be provided by Experian, a global data and information service provider.

This service (IdentityWorks Global Internet Surveillance) is available to residents of Australia, Brazil, Germany, Hong Kong, India, Ireland, Italy, Mexico, New Zealand, Poland, Singapore, Spain and the Netherlands.

IdentityWorks Global Internet Surveillance monitors whether a user’s personal data is available on public websites, chat rooms, blogs, and non-public places on the internet where data can be compromised, such as "dark web" sites, and generates an alert to if evidence of their personal information is found.

This is an optional service, and how much information users want to include in the identity monitoring is completely at their discretion.

Starwood properties impacted include:

  • Westin
  • Sheraton
  • The Luxury Collection
  • Four Points by Sheraton
  • W Hotels
  • St. Regis
  • Le Méridien
  • Aloft
  • Element
  • Tribute Portfolio
  • Design Hotels 

At the time of the disclosure, Marriott president and chief executive officer Arne Sorenson said, “We deeply regret this incident happened.”

“We fell short of what our guests deserve and what we expect of ourselves. 

“We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.