Owner of Dublin's Westin Hotel caught up in global data breach affecting up to 500 million customers

Owner of Dublin's Westin Hotel caught up in global data breach affecting up to 500 million customers

Names, email addresses and passport numbers are among the details affected by a data breach at the Marriott hotel group, which owns Dublin's Westin Hotel.

The data breach occurred after the guest reservation database of the chain's Starwood division in the US was compromised. A staggering 500 million guests' data may have been exposed during the breach, which began in 2014 and was spotted on September 8 this year. Guests who made bookings before September 10 this year may be affected.

The database stored information including passport numbers, dates of births, names, addresses and phone numbers for 327 million guests. Marriott said some guests' credit card information may also be affected.

Work is continuing, but the firm said the breached database contains the information of up to half a billion guests who booked before September 10.

Payment card numbers and expiration dates were also stored for some.

The Data Protection Commissioner's Office hasn't received any official notification of Irish customers affected yet.

However, it'll be making contact with Marriott International to see if any have been affected.

Some of the hotels which were hit in the UK include:

  • Aloft London Excel
  • Aloft Liverpool
  • The Park Tower Knightsbridge, a Luxury Collection Hotel
  • The Wellesley, a Luxury Collection Hotel
  • Sheraton Heathrow Hotel

The breach was spotted in the Starwood guest reservation database in the US on September 8 and the company "discovered that an unauthorised party had copied and encrypted information, and took steps towards removing it", a statement said.

Security experts determined there "had been unauthorised access to the Starwood network since 2014", it added.

Researchers decrypted the information and determined its contents were from the Starwood reservation databases on November 19, Marriott said.

Owner of Dublin's Westin Hotel caught up in global data breach affecting up to 500 million customers

Marriott president and chief executive Arne Sorenson said: "We deeply regret this incident happened.

We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward.

The Maryland(US)-based firm, which has hotels across the globe, said law enforcement agencies are investigating.

Payment card numbers are encrypted using a method that requires two components to break it, a statement said.

"Marriott has not been able to rule out the possibility that both were taken," it added.

The US National Crime Agency said it is making inquiries, and the New York Attorney General has also opened an investigation.

The UK's Information Commissioner's Office (ICO) has begun making inquiries over the breach and has the power to impose large fines.

"We have received a data breach report from Marriott Hotels involving its Starwood hotels and will be making inquiries," a spokeswoman said. "If anyone has concerns about how their data has been handled they can report these concerns to us."

More on this topic

Over 6,700 data breaches reported to Data Protection commissionerOver 6,700 data breaches reported to Data Protection commissioner

Interpretation of data-protection laws hampering efforts to safeguard vulnerable people from abuse, claims reportInterpretation of data-protection laws hampering efforts to safeguard vulnerable people from abuse, claims report

TD 'can’t figure out' why Passport Office would give customer data to some State bodiesTD 'can’t figure out' why Passport Office would give customer data to some State bodies

Data Protection Commissioner says she received 'significantly less funding than requested from GovernmentData Protection Commissioner says she received 'significantly less funding than requested from Government


More in this Section

Insolvency practitioner ordered to pay two thirds of his fee in costs after giving misleading information about client's incomeInsolvency practitioner ordered to pay two thirds of his fee in costs after giving misleading information about client's income

Sinn Féin manifesto spending plan would ‘destroy jobs,’ says Micheál MartinSinn Féin manifesto spending plan would ‘destroy jobs,’ says Micheál Martin

Greyhound track protestors 'delighted with outcome' as they reach settlement with Shelbourne ParkGreyhound track protestors 'delighted with outcome' as they reach settlement with Shelbourne Park

Conor McGregor escapes prosecution for motoring offencesConor McGregor escapes prosecution for motoring offences


Lifestyle

They’re still a fairly new phenomenon on the interiors scene, but the growing popularity of listening to podcasts has provided us with an easy-to-access source of ideas and advice, writes Carol O’Callaghan.Listen and learn: How podcasts can help you source cool interiors ideas

Live your cheese dream for one night only.Video: The world’s first cheese hotel has opened its doors

For Galway-based nature lover and grandmother, Marion Edler-Burke, forest-walking is balm for the soul.Parents for the Planet: It’s revitalising to see the wood and the trees

Working outside in your front garden can help people meet and encourage neighbours to become friends, says Hannah Stephenson.How your garden can help you make new friends

More From The Irish Examiner