If you’ve stayed at a Marriott-owned Starwood property in the last four years or so you might want to do a credit check. Like, now. Because earlier today, Nov. 30, the hotel conglomerate, which runs roughly 6,700 properties around the world, announced that its Starwood Reservation System had been the target of a massive database hack they discovered back in September, resulting in the release of the sensitive information of upwards of 500 million guests.
According to the New York Times, the compromised information includes “names, addresses, dates of birth, passport numbers, email addresses, and phone numbers” and even in certain cases, credit card numbers. (It is unclear at this time whether or not the hackers were able to use the encrypted credit card numbers.)
Marriott stated that passports and dates of birth were a “subset” of the larger number of compromised information, owing to the fact that that information is not necessary for all bookings.
This comes only a year after the massive Equifax breach, which left roughly 143 million customers’ sensitive information exposed to hackers. That hack led to the firing of the CEO and Congressional hearings (which also addressed a 2013 Yahoo hack that exposed three billion user accounts).
Marriott has set up a website both explaining the breach and helping customers figure out whether or not they’ve been affected, though they’ve also announced they’ll be reaching out to affected customers by the end of Friday, Nov. 30. The website includes a dedicated call center and a one-year free subscription to WebWatcher, which monitors web activity where personal information is shared.