Marriot revealed that it suffered a major data breach last year. The breach came from the Starwood brand database. It was first said that it affected over 500 million customers, but then the number was lowered to 383 million unique guests. The compromised information included guest names, postal addresses, phone numbers, dates of birth, genders, email addresses and reservation information. Later it transpired that more than 20 million encrypted passport numbers were also stolen, along with 8.6 million unique payment card numbers. Marriott said it would pay for new passports.
As expected, there is already a couple of lawsuits filed against Marriott. The breach has been going on since 2014 and the lawsuits claimed that it should have been discovered way earlier.
Now, finally, Marriott will let you check if you’re a victim of the Starwood hack. They put in place “a mechanism to enable guests to look up individual passport numbers to see if they were included in the set of unencrypted passport numbers”, TechCrunch says.
The weird thing is that this tool is hosted by security firm OneTrust, that will ask for some personal information, like your name, email address, as well as the last six-digits of your passport number. That’s will surely make some people uneasy, since you’re supposed to give that information to a company that you might have never heard before. That’s after learning that you’re probably a victim of a major data breach.
Another issue is that the checker won’t give back a result straight away. Marriott doesn’t say how it will take to get an answer.