Marriott International said on Friday hackers stole about 500 million records from its Starwood Hotels reservation system in an attack that began four years ago, exposing personal data of customers including some payment card numbers.
Shares of the company were down 4 percent at $117 in premarket trading.
The hack began in 2014, before Marriott offered to buy Starwood for $12.2 billion in November 2015, acquiring brands including the W, Sheraton and combining them with its own Ritz Carlton and the Autograph Collection to create the world’s largest hotel operator. The company closed the Starwood deal in September 2016.
Marriott said for 327 million guests, compromised data could include passport details, phone numbers and email addresses. For some others, it could include credit card information.
Marriott said it first found out about the breach after an internal security tool sent an alert on Sept. 8.
“We’ve opened an investigation into the Marriott data breach. Additionally, under New York law, Marriott was required to provide notification to our office upon discovering the breach; they have not done so as of yet,” said Amy Spitalnick, Communications Director and Senior Policy Advisor, Office of the New York Attorney General.
Marriott said it would inform affected guests about the breach, starting Friday, and that it had reported it to law enforcement and regulatory authorities.
The breach could cost Marriott hundreds of millions of dollars in legal costs.
Marriott said on Friday it was too early to estimate the financial impact of the breach and that it would not affect its long-term financial health. The hotel chain said it was working with its insurance carriers to assess coverage.
Credit: Source link