Marriott Data Breach

Just when you were getting complacent about your data and privacy, hotel chain Marriott announced a massive data breach of its Starwood reservation system. Up to 500 million people could be impacted, going as far back as 2014.

Thieves gained access to Starwood guests’ personal details, including: names, addresses, dates of birth, passport numbers, email addresses and phone numbers and also encrypted credit-card information for some customers, though the company is not sure if the payment information could be used.

If you think you might be impacted by this breach, here’s what you need to know:

Marriott has set up a dedicated website and call center (877) 273-9481 to deal with questions guests might have about their personal information

The company is offering one year of free enrollment in Web Watcher, a monitoring service that alerts you if your personal information is being sold on line. While there’s no harm in enrolling, it may be better to take more concrete steps.

  1. Place a “fraud alert” on your credit file. This will require a financial institution to take steps to verify your identity before opening a new account, issuing an additional card, or increasing the credit limit on an existing account. Alerts can make it a bit harder for criminals to mess with your file. They last 90 days, after which you can renew it.

  2. Place a “credit-freeze” on your credit file, which generally stops all access to your credit report, including by YOU! That means that if you need to access credit, you have to unfreeze your records, which can take a few days. State law and/or a consumer reporting company’s policies dictate the availability of a freeze, which is now free in all 50 states, as required by a new federal law. You need to contact each company directly to freeze your file: Equifax (800) 685-1111(Automated, Option 3) or (888) 298-0045 (Live); Experian (888) 397-3742 (Option 2 followed by Option 2); TransUnion ((888) 909-8872).

  3. If someone has used your information to make purchases or open accounts, file a complaint with the Federal Trade Commission and print your Identity Theft Affidavit. Use that to file a police report and create your Identity Theft Report.

  4. Review your credit report every 12 months at If you find an error, report it immediately and stay on top of the process. Important note for parents: A new federal law going into effect this month allows you to check your kids’ credit reports. There’s a lot of information available from the FTC.

  5. Review credit card (and ALL) statements: Before you pay, make sure that there are no fraudulent charges. While you’re at it, enroll in a credit card notification program, where the bank alerts you to charges over a preset amount.

  6. Guard your information! Don’t provide a business with your Social Security number just because they ask for it; don’t provide personal information over the phone, through snail mail or via Internet unless you have initiated the contact or you know with whom you are dealing; and beware of over-sharing on social media, where criminals are finding valuable information.

  7. Protect your Password: Change logins and passwords monthly, use password generators and sign up for two-factor authentication.

  8. Shop carefully during this holiday season! Don’t send financial information on unsecured wireless networks and when making purchases, use a credit card, which has more fraud protections under federal law than debit cards or online payment services