Marriott International Inc has stated that fewer than 383 million customer records were stolen in a massive cyber attack disclosed last month, down from its initial estimate that up to 500 million guests were affected.
The hotel operator also said that some 25.55 million passport numbers were stolen in the attack on the Starwood Hotels reservation system, 5.25 million of which were stored in plain text. Another 8.6 million encrypted payment cards were also taken in the attack, it said.
Marriott previously confirmed that passport numbers and payment cards were taken, but did not say how many.
One Of The Largest Breaches In History
The company disclosed on November 30 that it had discovered its Starwood hotels reservation database had been hacked over a four-year period in one of the largest breaches in history. At least five US states and the UK's Information Commissioner's Office are investigating the attack.
Marriott also said that it had completed an effort to phase out the Starwood reservations database that it acquired in September 2016 with its $13.6 billion purchase of Starwood. The hack began in 2014, a year before Marriott offered to buy Starwood.
News by Reuters, edited by Hospitality Ireland. Click subscribe to sign up for the Hospitality Ireland print edition.