Data Exposed for 5.2 Million Customers

The private data of 5.2 million customers of hotels belonging to the Marriot Group of hotels has been exposed.

For two months at the beginning of this year, someone used log-in credentials belonging to two employees to access the data of customers.

Marriot caught on when they noticed an unusual amount of activity accessing customer information. Among the info exposed:

• contact details (e.g., name, mailing address, email address, and phone number)
• loyalty account information (e.g., account number and points balance, but not passwords)
• additional personal details (e.g., company, gender, and birthday day and month)
• partnerships and affiliations (e.g., linked airline loyalty programs and numbers)
• preferences (e.g., stay/room preferences and language preference)

The company does not believe credit or debit information was accessed.  You can click here to find out if your information was accessed.

Or call these numbers:

If you were one of the affected customers:

• Marriot has disabled your existing Marriott Bonvoy password, so when you log in to your Marriott Bonvoy account at Marriott.com, you will be prompted to change your password.
• You will also be prompted to enable multi-factor authentication to further protect access to your account.

They are also offering free IdentityWorks ID theft protection for 1 year.

• Ensure that you enroll by June 30, 2020 (your code will not work after this date.)
• Visit the Experian IdentityWorks website to enroll:
  • US Residents: https://www.experianidworks.com/identity
  • Non-US Residents: http://www.globalidworks.com/identity1
• Provide your activation code:
  • US Residents: To be provided in the email notice or self-service portal communication
  • Non-US Residents: To be provided in the email notice or self-service portal communication