A Marriott investigation shows that its database of Starwood hotels has been illegally accessed, making vulnerable customer information for reservations booked as far back as 2014.
Roughly 500 million guests are potentially affected. Here’s what customers need to know to protect their personal information.
- The breach only affects Starwood customers. Even though Marriott recently merged with Starwood, Marriott guests were unaffected by the breach. Starwood hotels include the following brands: W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton, Starwood branded timeshares and Design Hotels.
- Guests will be notified by email on a rolling basis beginning Nov. 30, 2018. But since so many are affected, you should contact Starwood immediately or go on the dedicated website if you think you might be affected to get information. Expect a longer wait time when you call.
- A wide range of personal information was stolen. For 327 million of the potentially affected guests, the stolen information can include any number of the following:
- Mailing address
- Phone number
- Email address
- Passport number
- Starwood Preferred Guest account information
- Date of birth
- Arrival and departure information
- Reservation date
- Communication preferences.
Payment information was more decrypted than other information, and may or may not have been accessed. The remaining 183 million guests had two or fewer items of information stolen.
- Get free WebWatcher Enrollment. Marriott is providing guests with free access to enroll in WebWatcher to monitor any suspicious activity online with their information for a year. The program crawls the internet and alerts you where your information is showing up. To enroll for free, you must go to the dedicated breach website.
- Double check your credit on your own. This is a good reminder to check credit bureau reports and past bank statements frequently for fraudulent charges. You’re entitled to at least one free credit report from each credit bureau every 12 months via AnnualCreditReport.com. If you see new credit cards are opened or other information that indicates potential identity theft, contact your bank and credit bureaus to report it.
How to choose a travel rewards programLoyalty programs can help maximize earning, but it’s important to consider what those points and miles are worth.
- Not all rewards are created equal: Redemption values vary from program to program.
- Transferable points programs like Marriott Rewards, Chase Ultimate Rewards® and American Express Membership Rewards give users the most flexibility. However, fixed-point programs are best for those looking for simplicity. Think Capital One Miles and Citi ThankYou Points.
- Consider travel program values when you redeem rewards and how your personal loyalty status may affect that. Loyalty programs can give you access to elite status and a variety of travel benefits, from lounge access to complimentary breakfasts.
- The easiest way to rack up travel rewards is to use a credit card that earns miles or points with every purchase. Check out our favorite travel cards, the best airline credit cards and the top hotel credit cards.
Planning a trip? Check out these articles for more inspiration and advice:
5 things you should know about the Marriot-SPG merger
NerdWallet’s identity theft and cybersecurity guide
7 things every credit card user needs to know about fraud