Marriott Hotels said on Friday that hackers illegally accessed its Starwood Hotels brand’s reservation database since 2014, potentially exposing personal information on about 500 million guests. The company said for 327 million guests, personal information compromised could include passport details, phone numbers and email addresses. For some others, it could include credit card information.
The company said it learned about the breach after an internal security tool sent an alert on Sept. 8. On further investigation, the hotel chain learned data had been hacked long before. The company, which bought Starwood in 2016, said it had reported the incident to law enforcement and had begun notifying regulatory authorities. Marriott said it would send emails to affected guests, starting Friday.