Marriott has trudged through the merger between themselves and Starwood by going from one poorly handled situation to the next. However one of the biggest blunders and PR nightmare was when, in November 2018, they announced the discovery of a huge data breach in their systems that may have affected up to 500 MILLION guests. In January 2019, they clarified some details and said the breach only affected about 383 million guests, including the unencrypted passport numbers for 5.25 million guests.
Marriott seemed to be in no hurry to notify people about this hack. As per their website “Marriott began sending emails on a rolling basis on November 30, 2018, to affected guests whose email addresses are in the Starwood guest reservation database.”
I didn’t receive an email until December 6th. At this point, Marriott still didn’t know what information was stolen for each guest but they did provide a link to enroll in the WebWatcher credit monitoring service. It took until February 16, 2019 for Marriott to provide a way to find out the types of your personal information that were released in the hack.
Despite the fact that the Marriott website link referred you to a third-party website for you to enter in all of your personal information, some bloggers jumped in right away and asked for their information.
For some, like Gary from View from the Wing, it took Marriott 11 days to reply and let him know that his unencrypted passport number and unencrypted credit card information was part of the hack. It took Ed from Pizza in Motion an unbelievable 25 days to hear back from Marriott about what types of his information were stolen.
I didn’t rush to get my information. What would I do with it when I knew? Even if I knew my credit card information was stolen, Marriott doesn’t tell you what card number was compromised so there’s very little you can do.
I decided to fill out a form to ask for my information. The link from the other articles on this topic to the necessary form seems to have moved in the past month. The information about the hack can now be found at https://answers.kroll.com/ From there you can scroll to the bottom of the page where the FAQ is.
The very first question has a link to the form you need to fill out.
I sent in my request on 3/16 and received a response on 3/25. That’s 11 days, the same time frame as Gary but much faster than Ed’s response.
So now I know what information they have. I don’t think I’ll sign up for the information monitoring service since I already get two alerts from enrollments I’ve received because of other data breaches.
You’d think that after a month, Marriott would be getting better at providing this information but it seems like getting this information to guests in a speedy manner isn’t a priority for them right now. Probably just more noise around the edges, right?
Like this post? Please share it! We have plenty more just like it and would love if you decided to hang around and clicked the button on the top (if you’re on your computer) or the bottom (if you’re on your phone/tablet) of this page to follow our blog and get emailed notifications of when we post (it’s usually just two or three times a day). Or maybe you’d like to join our Facebook group, where we talk and ask questions about travel (including Disney parks), creative ways to earn frequent flyer miles and hotel points, how to save money on or for your trips, get access to travel articles you may not see otherwise, etc. Whether you’ve read our posts before or this is the first time you’re stopping by, we’re really glad you’re here and hope you come back to visit again!
This post first appeared on Your Mileage May Vary
Cover photo by Josek on Flickr