San Francisco: Cyber security experts on Monday issued warnings to nearly 500 million customers of global hotel chain Marriott. They were asked to change passwords and take other precautions after the hotel chain’s guest reservation system was hacked.
Marriott International on November 30 revealed that its guest reservation system was hacked, exposing the personal information of approximately 500 million guests.
“While we’re still only beginning to assess the true extent of the attack, ultimately, the security solutions the Starwood Hotels and Marriott Group had in place clearly weren’t sufficient enough if it allowed an unauthorised third party to get into the system,” said David Emm, Principal Security Researcher at Kaspersky Lab, IANS reported.
Thanks for reaching out about the Starwood guest reservation database security incident. Please visit https://t.co/O4oQBVxDVT to find more information about this incident, next steps to take, and resources available to answer your questions.
— Marriott Hotels (@Marriott) November 30, 2018
The hotel chain said the hack affected its Starwood reservation database, a group of hotels it bought in 2016 that included the St. Regis, Westin, Sheraton, W Hotels, Le Méridien and Four Points by Sheraton.
Customers sue Hotel Marriott
After the news of hacking, customers in the US sued the hotel chain for exposing their data with one class-action lawsuit seeking $12.5 billion in damages.
According to a report in ZDNet on Monday, the lawsuits were filed in the US state of Oregon and Maryland.
“While plaintiffs in the Maryland lawsuit didn’t specify the amount of damages they were seeking from Marriott, the plaintiffs in the Oregon lawsuit want $12.5 billion in costs and losses,” said the report.
Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft.
Marriott said that it reported the breach to law enforcement and was also notifying regulatory authorities.