Marriott's Starwood customers should 'assume the worst' following hack

As many as 500 million hotel guests may have had their data compromised

Starwood, Marriott international, Hacking

Potential victims of the breach of Marriott’s Starwood reservation database “should assume the worst” and take necessary precautions, according to John Shier, senior security advisor at Sophos, a UK-headquartered cyber security and hardware firm.

Last week, Marriott International said that as many as 500 million hotel guests may have had their data compromised by the hack after it found that unauthorised access to its systems dated back as far as 2014. Hotels in the Starwood network include Sheraton, Four Points by Sheraton and W Hotels.

Shier said that the potential fall-out of the data breach “should be alarming to anyone who has stayed at a Starwood property in the last four years.”

Did you like this story?
Click here for more

“Not only are guests at risk for opportunistic phishing attacks, but targeting phishing emails are almost certain, as well as phone scams and potential financial fraud,” he said. “Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft.”

While Shier said that it remains unclear what level of exposure each individual victim has been subject to, he recommended that potential victims take a number of security precautions, such as being on the alert for potentially malicious e-mails, including “opportunistic phishing” emails purporting to be from Marriott or Starwood hotels.

Additionally, Shier recommended that Starwood customers monitor their financial and Starwood Preferred Guest account accounts, as the attacker may have gained access to encrypted credit card information.

“Change the password to your online credit card account,” he said. “If you use the same password for similar financial management websites, immediately change the password on those websites.”

In a statement announcing the security breach, Marriott International said it was providing guests the opportunity to enrol – free of charge for one year – in WebWatcher, which monitors internet sites where personal information is shared and generates an alert if evidence of the consumer’s personal information is found.

While Marriott provided a link to activate WebWatcher, Shier warned customers to not search for it online.

“Don’t Google it. If you Google ‘WebWatcher’, you won’t find the monitoring service, you’ll find lots of links to spyware of the same name,” he said. “Don’t sign up for that.”

For all the latest hospitality news from UAE, Gulf countries and around the world, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page.

Most Popular



Human Capital Report 2017

Human Capital Report 2017

The second annual Hotelier Middle East Human Capital Report is designed to explore the issues, challenges and opportunities facing hospitality professionals responsible for the hotel industry’s most important asset – its people. The report combines the results of Hotelier Middle East's HR Leaders Survey with exclusive interviews with the region's senior human resources directors.

Hotelier Middle East Housekeeping Report 2016

Hotelier Middle East Housekeeping Report 2016

The Hotelier Middle East Housekeeping Report 2016 provides essential business insight into this critical hotel function, revealing a gradual move towards the use of automated management and a commitment to sustainability, concerns over recruitment, retention and staff outsourcing, and the potential to deliver much more, if only the industry's "image problem" can be reversed.

From the edition

From the magazine