Exclusive

Speaker Johnson rips Harris for skipping Netanyahu speech — just like Biden did in 2015
Business

Marriott says hackers stole 500 million Starwood Hotels records

By
Social Links for Nolan Hicks
Published Nov. 30, 2018
Updated Jan. 2, 2019, 10:59 a.m. ET

Hackers stole the personal information of half-a-billion people from hotel conglomerate Marriott in a data breach that went on for years, the company admitted Friday — a disclosure that triggered probes from the FBI and New York state officials.

“We’ve opened an investigation into the Marriott data breach,” tweeted Attorney General Barbara Underwood. “New Yorkers deserve to know that their personal information will be protected.”

The FBI is also probing the breach, officials told Reuters. Law enforcement officials in Connecticut and Illinois also said they are examining the breach.

New York state law requires Marriott to inform the AG of the breach, but department spokeswoman Amy Spitalnick said that had not happened as of late Friday morning.

Underwood also pushed for new state legislation that would expand protections for consumers when data breaches occur in a Friday Twitter post.

The hotel conglomerate warned that for 327 million travelers, the stolen information includes some combination of name, mailing address, phone number, email address, passport number, date of birth, gender and reservation dates.

It also disclosed that credit card information may have also been stolen, but that the swipes were encrypted making it more difficult for hackers to potentially access the information.

The list of hotel brands hit includes some of the poshest in the business, including the W Hotels and St. Regis chains and business traveler mainstays like Sheraton Hotels & Resorts, Four Points by Sheraton and Westin Hotels & Resorts. The trendy Element Hotels and Aloft Hotels brands were also hit.

The AG’s probe comes just hours after the hotel conglomerate announced the massive data breach linked to its Starwood brands early Friday.

Marriott purchased Starwood — the holding company for those brands — in 2016, turning the company into the biggest hotelier in the world.

According to the company’s statement, it first learned of the breach in September and that the Starwood systems had been hacked for the last four years.

“On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database in the United States,” the company said. “Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014.”

It added: “On November 19, 2018, Marriott was able to decrypt the information and determined that the contents were from the Starwood guest reservation database.”