Marriot International’s Starwood Hotels’ reservation system has been attacked, leaving around 500 million customers’ information compromised.
The announcement on Friday caused the company’s shares to drop by 4 percent to $117 in premarket trading.
As per the details, the attack on Marriot International’s subsidiary began four years ago, even before the multinational had acquired Starwood.
The company states that the compromised data of 327 million guests include phone numbers, email addresses, and passport details. As for the others, the compromised data may include credit card information.
The hack was initiated in 2014 while Marriott made an offer to acquire Starwood for $21.2 billion in November 2015, purchasing brands like Ritz Carlton, Sheraton, and the Autograph Collection to become the world’s largest hotel operator.
The Starwood acquisition deal was closed in September 2016. Marriot says that it first got to know about the attack when an internal security tool caused an alert on Sept. 8.
Amy Spitalnick, Communications Director and Senior Policy Advisor, from the Office of the New York Attorney General, says,
We’ve opened an investigation into the Marriott data breach. Additionally, under New York law, Marriott was required to provide notification to our office upon discovering the breach; they have not done so as of yet.
As for Marriott, it said it would inform the affected customers about the data theft. It further said that the law enforcement and regulatory authorities have also been reported.
Nevertheless, the breach can incur Marriot hundreds of millions in lieu of legal costs.
It is pertinent to mention here that a lot of companies faced data breaches this year. Just recently, Dell has notified its customers that its customers’ information may have been compromised. However, it clarified that the stolen information does not include credit card details.