Marriott International announced on Friday that hackers had breached into the hotel’s guest database and that they have likely obtained data for about 500 million people.
The group said in a statement Friday that the penetration began in 2014 and was only discovered on November 19, 2018.
It explained that the database contained reservation details of up to 500 million guests, of which around 327 million records listed details including some combination of the person’s name, phone number and passport number among other things.
For some the information also includes payment card numbers and payment card expiration dates, although the company said that data was encrypted, reported US magazine Politico.
Arne Sorenson, Marriott’s president and chief executive, stated that the group deeply regretted the incident.
“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward,” he said.
The company, which is working with law enforcement to investigate the breach, said it would begin emailing affected guests today. It is also offering victims free access to a service that monitors the internet for their personal information, according to Politico magazine in the US.
Edited translation from Al-Masry Al-Youm
