Starwood Hotels confirms it has been hit by another data breach affecting 500 million guests.
Marriott, the hotel’s parent company, says on November 20th, 2018 that guest information was stolen by an “unauthorized party” from Starwood’s guest reservation database on November 19th, 2018.
Engadget reports that about 327 million out of the 500 had a combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preference accessed.
Marriott said that an unknown number included encrypted credit card data.
“We are working hard to ensure our guests have answers to questions about their personal information, with a dedicated website and call center,” the company said in a statement to Engadget on November 30, 2018. “We will also continue to support the efforts of law enforcement and to work with leading security experts to improve.” It added that it is “phasing out” Starwood systems as part of its ongoing security work.
This is Starwood’s third data breach incident since 2015.