Bad news for anyone who has stayed at a Starwood brand hotel, which includes big names like Westin and Sheraton, in the last few years: Hackers may have your data, including credit card information. Marriott said Friday that up to 500 million customers under its Starwood Hotel umbrella have been compromised, reports Reuters. For most, that means information such as name, address, email, phone number, passport number, and date of birth, or some combination of the above. However, hackers got encrypted credit card numbers and expiration dates on at least some of the customers, and Marriott says it's possible the hackers also got what they needed to decrypt those numbers.
The breach of the reservation system first occurred in 2014, but the chain just discovered it. Marriott bought Starwood in 2016, after the initial breach occurred, and Business Insider reports Marriott-brand hotels were apparently unaffected. The site ticks off the affiliated hotels: W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Tribute Portfolio, Le Méridien, Four Points by Sheraton, and Design Hotels. Anyone who booked on or before Sept. 10, 2018, is at risk. Marriott says it will send out emails, and it has set up an informational website here. The company's stock had fallen about 6% in pre-market trading, reports CNN. (A librarian won her lawsuit against Equifax after a major breach there.)