Mariott International Inc is investigating one of their biggest security hacks ever of its guest reservation database. The news led to their shares slumping nearly 6.9 percent.
A security breach inside Marriott’s worldwide hotel empire has compromised the information of as many as 500 million guests, exposing in some cases credit card numbers, passport numbers and birthdates, the company said Friday.
Alarming security analysts, Marriott said that unauthorized access to data within its Starwood network has been taking place since 2014 in what may be among the largest data breaches on record.
Marriott acquired Starwood in 2016, and the process of merging its computer system with Starwood computers has been marred by technical glitches.
The company said credit card numbers and expiration dates of some guests might have been taken. For as many as two-thirds of those affected, data exposed could include mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences. For some guests, the information was limited to name and sometimes other data such as mailing address, email address or other information.
“We fell short of what our guests deserve and what we expect of ourselves,” CEO Arne Sorenson said in a prepared statement. “We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”
Email notifications to those who may have been affected will begin rolling out Friday.
While the breach affected “approximately 500 million guests” who made a reservation at a Starwood hotel, some of those records could include a single person who booked multiple stays.
The company manages more than 6,700 properties across the globe.
While the first impulse for those potentially affected by the breach could be to check credit cards, security experts say other information in the database could be more damaging.
“The names, addresses, passport numbers and other sensitive personal information that was exposed is of greater concern than the payment info, which was encrypted,” said analyst Ted Rossman of CreditCards.com. “People should be concerned that criminals could use this info to open fraudulent accounts in their names.”
When the merger was announced in 2015, Marriott had 54 million members of its loyalty program, and Starwood had 21 million. Many people were members of both programs.
Asked for more details on the 500 million number, Marriott spokesman Jeff Flaherty said Friday that the company has not finished identifying duplicate information in the database.
An internal security tool signaled a potential breach in early September, but the company was unable to decrypt the information that would define what data had potentially been exposed until last week.
Marriott, based in Bethesda, Maryland, said in a regulatory filing that it’s premature to estimate what financial impact the data breach will have on the company. It noted that it does have cyber insurance, and is working with its insurance carriers to assess coverage.
The Starwood breach stands out among even the largest security hacks on record. Hilton had two separate data breaches that exposed more than 350,000 credit card numbers. One breach began in November 2014 and another in April 2015. Yahoo had a data breaches in 2013 and 2014 that impacted about 3 billion of its accounts. Target also had an incident in 2013 that affected more than 41 million customer payment card accounts and exposed contact information for more than 60 million customers. Last year, Equifax disclosed a data breach that affected more than 145 million people.
The former Starwood brands now under the Marriott umbrella include W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels. Starwood branded timeshare properties are also included.
Marriott has had a rocky process of merging its computer system with Starwood computers. Members of both loyalty programs have complained about missing points, glitches with stays crediting to their accounts and problems with free nights earned from credit cards not appearing.
Sorenson said that Marriott is still trying to phase out Starwood systems.
Marriott has set up a website and call center for anyone who thinks that they are at risk.
Shares of Marriott tumbled 5 percent at the opening bell.
VR Hits U.S. Army For HoloLens Microsoft Contract
Virtual- and augmented-reality headsets haven’t had much traction in the consumer market, but they’re finding a place on the battlefield.
The U.S. Army said Thursday that it had awarded Microsoft a $480 million contract to supply its HoloLens headsets to soldiers. This lucrative contract could triple the number of headsets in the market.
The head-mounted displays use augmented reality, which means viewers can see virtual imagery superimposed over the real-world scenery in front of them. Microsoft says the technology will provide troops with better information to make decisions.
The Redmond, Washington, company says the new work extends its longstanding relationship with the Department of Defense.
“Augmented reality technology will provide troops with more and better information to make decisions. This new work extends our longstanding, trusted relationship with the Department of Defense to this new area,” Microsoft told Bloomberg in a statement.
Military bidding documents say the technology will be used for both training and fighting, bringing more situational awareness to troops to help them become more lethal and mobile.
Instagram Closing The Friends Circle
Keep your friends close … and your close friends closer?
Instagram is adding a feature to make it easier to share photos and videos with fewer folks.
Called Close Friends, the new feature lets users share Stories — photos and videos that disappear after 24 hours — with people they put on a special list. The idea is people may feel more comfortable sharing some things with just close friends, rather than all followers.
Regular posts would still appear to everyone, though users have the option of pre-approving followers. Facebook already lets people narrow audiences for individual posts, but the Facebook-owned Instagram hasn’t.
Social-media companies are quickly learning that bigger audience sizes for users can mean a reluctance to share more personal stuff. So, they are adding ways to communicate with smaller groups. This is why Facebook is beefing up its Groups feature, and why messaging apps are so popular.
Robby Stein, product director at Instagram, said the feature took more than a year to complete. It starts rolling out to users Friday.
To use it, first create a list of close friends by going to your profile and tapping the icon with three horizontal lines. Instagram will suggest people to add based on how often you interact with them, or you can pick your own.
Once that’s done, you can create a story just for those people. Friends aren’t notified when you add them to the list, or if you remove them later, and they can’t request to be added. But they’ll eventually know: Stories they get this way will have a green circle around them, rather than the usual pink.
You can create just one Close Friends group, though, rather than separate ones for families, friends and other circles, as you can on the main Facebook service. Stein said Instagram wanted to keep things simple and observed that when there are multiple lists, people don’t tend to use them.
Instagram copied the Stories feature from Snapchat years ago and now has more than 400 million people using the feature each day. That’s more than twice the number using Snapchat — not just its Stories feature — each day.