

Marriott data breach

What to Do If You Suspect Your Information Was Exposed in Marriott’s Data Breach

One of the largest data breaches in the history of the Internet was announced on November 30th, 2018. Marriott announced that the guest reservation database of its Starwood hotel brands had been accessed without authorization. The information of approximately 500 million customers around the world was exposed.

According to Marriott, the attackers accessed names, mailing addresses, phone numbers, email addresses, passport numbers, dates of birth, gender, Starwood loyalty program account information, and reservation details. For some guests, they also took payment card numbers and expiration dates. Marriott says the payment card numbers were encrypted, but it does not yet know whether the attackers also stole the information needed to decrypt them.

Although this breach was only recently discovered, the attackers appear to have had access for more than four years. According to the official statement from Marriott's legal counsel,

“If you made a reservation on or before September 10, 2018, at a Starwood property, the information you provided may have been involved.”

News of a large data breach or cyber-attack rarely makes the immediate and long-term risks clear. One pattern that reliably follows a significant breach is a rise in social engineering attacks that reuse the stolen data. According to the security awareness training company KnowBe4, 91% of cyberattacks begin with a spear phishing email.

After a breach at a global brand such as Marriott, you are likely to receive emails from individuals or organizations claiming to be Marriott. Many of these are targeted phishing messages designed to harvest your credentials or other personal information, or to get malware onto your system. Treat any unsolicited message about the breach with suspicion, and contact Marriott only through addresses and phone numbers you look up yourself rather than links or numbers in the email.


What to do if you suspect your information was exposed:

Check your credit reports. 

Review your credit reports from all three credit bureaus (Equifax, Experian, and TransUnion) for accounts you did not open and hard inquiries you did not initiate. Either is a possible indicator of identity theft.

Review your debit and credit card statements.

Be on the lookout for charges you do not recognize, including small test charges that criminals use to check whether a card is still live. Contact your bank and credit card company immediately to report any known or suspected fraud.

Place a fraud alert on your credit files.

A fraud alert tells organizations that check your credit to take additional steps to verify your identity before extending new credit in your name. You only need to request it from one bureau, which is then required to notify the other two.

Consider freezing your credit reports.

Freezing your credit restricts access to your credit file, which makes it much harder for a malicious actor to open a new account in your name. You will need to temporarily lift the freeze when you apply for credit yourself.


Bolster your organization’s defenses by following these steps:

Have a detailed plan.

Keep a documented incident response plan that spells out exactly how your organization will respond to a security breach: how you will detect the compromise, who is notified, how you will contain the threat, and how you will eradicate it and recover your systems. Test the plan before you need it.

Watch out for CEO fraud scams.

With personal details such as names, addresses, and travel history now potentially in attackers' hands, it is trivial to craft a convincing message that impersonates a C-level executive and trades on the trust employees place in that relationship (for example, an "urgent" wire request sent while the executive is known to be traveling). Require out-of-band verification, such as a phone call to a known number, for any payment or sensitive data request that arrives by email, regardless of who it appears to come from.
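The two warnings above, emails claiming to be from Marriott and emails impersonating an executive, share the same tell: the sender claims an identity that the sending domain cannot back up. The following is an added example, not code from the Delap Cyber post or from Marriott, of a small mail-gateway check that flags those messages. The protected-identity allow-list, the executive name "Jane Doe", the domain example-corp.com, and all four sample messages are constructed for illustration; a real deployment would load the allow-list from the brand's verified sending domains and your own executive directory.

```python
"""Flag inbound mail whose sender claims a protected identity it cannot back up.

Added example, not code from the original post. Everything here is constructed
for illustration: the allow-list, the executive name and the sample messages.
"""
import email
from email.utils import parseaddr

# Assumed allow-list (hypothetical): lower-cased display-name keywords we
# protect, mapped to the only sending domains allowed to use them.
PROTECTED = {
    "marriott": {"marriott.com"},
    "jane doe": {"example-corp.com"},   # hypothetical CEO of our own organization
}

# A domain within this many edits of a protected domain (but not equal to it)
# is treated as a typosquat.
MAX_EDITS = 2


def levenshtein(a, b):
    """Plain edit distance, enough to catch 'marriot.com' or 'rnarriott.com'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_parts(raw_message):
    """Return (display_name, from_domain, reply_to_domain), all lower-cased."""
    msg = email.message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply = parseaddr(msg.get("Reply-To", ""))
    return (name.lower(),
            addr.rpartition("@")[2].lower(),
            reply.rpartition("@")[2].lower())


def impersonation_findings(raw_message):
    """Return the reasons a message looks like brand or executive impersonation.

    An empty list means nothing was found, not that the message is legitimate:
    a compromised account sends from a perfectly clean domain.
    """
    name, from_domain, reply_domain = sender_parts(raw_message)
    findings = []
    for keyword, allowed in PROTECTED.items():
        # 1. Display name claims a protected identity, but the address domain
        #    is not one that identity is allowed to send from.
        if keyword in name and from_domain not in allowed:
            findings.append(
                f"display name claims '{keyword}' but mail came from {from_domain}")
        # 2. Address domain is a near-miss of, or embeds, a protected domain.
        for good in allowed:
            if from_domain == good:
                continue
            brand = good.split(".")[0]
            if levenshtein(from_domain, good) <= MAX_EDITS or brand in from_domain:
                findings.append(f"{from_domain} looks like {good}")
    # 3. Replies are quietly redirected to a different domain.
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from {from_domain}")
    return findings


# Constructed sample headers (not real messages).
SAMPLES = {
    "legitimate": "From: Marriott <noreply@marriott.com>\n"
                  "Subject: Your reservation\n\nbody",
    "display_name_spoof": 'From: "Marriott Guest Services" <alerts@mail-update.net>\n'
                          "Reply-To: verify@another-host.org\n"
                          "Subject: Verify your account\n\nbody",
    "lookalike_domain": "From: Reservations <support@marriot.com>\n"
                        "Subject: Breach notice\n\nbody",
    "ceo_fraud": "From: Jane Doe <janedoe.ceo@gmail.com>\n"
                 "Subject: Urgent wire transfer\n\nbody",
}


def scan_samples():
    """Run the check over every constructed sample; returns name -> findings."""
    return {label: impersonation_findings(raw) for label, raw in SAMPLES.items()}


if __name__ == "__main__":
    for label, findings in scan_samples().items():
        print(f"{label}: {findings or 'no findings'}")
```

The check deliberately runs on headers alone so it can sit in front of the mailbox; it does not replace SPF, DKIM and DMARC enforcement, which is what actually stops a forged From address on your own domain. Tune MAX_EDITS and the allow-list to your own brands and executives, and route hits to a quarantine for review rather than dropping them outright.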

Proactively phish your users.

To make sure your employees are prepared for today's email threats, run simulated phishing campaigns against your own users. Add templates that mimic the messages attackers will send about the Marriott breach, such as fake breach notifications and "verify your account" requests, so that your staff have seen them in a safe setting before the real ones arrive.

Provide security awareness training and resources.

Ensure that your employees have the digital literacy to identify and respond to real-world threats. Training should cover how to identify a phishing email, how to set and store passwords securely, how to keep their accounts secure, and whom to contact in the event of a suspected incident.


Delap Cyber is available to assist your organization with proactive managed security services. We provide company-wide training, proactive simulated phishing testing, network perimeter security, and next-generation endpoint security software. You've spent your life building your business; let us help you protect it.

Contact Us Today