Marriott International said hackers accessed up to 500 million customer records in its Starwood Hotels reservation system in an attack four years ago.
( Reuters) — Marriott International said on Friday that hackers accessed up to 500 million customer records in its Starwood Hotels reservation system in an attack that began four years ago, exposing data including passport numbers and payment cards.
Shares were down 5.7 percent in late afternoon trade on news of the hack, one of the largest in history, which prompted regulators in Britain and at least five U. S. states to launch investigations.
The Federal Bureau of Investigation said it was looking into the attack on Starwood, whose brands include Sheraton, St. Regis, W and Westin hotels. It advised affected customers to check for identity fraud and report it to the bureau’s Internet Crime Complaint Center.
The hack began in 2014, a year before Marriott offered to buy Starwood to create the world’s largest hotel operator. The $13.6 billion deal closed in September 2016.
Some 327 million customer records containing information including passport details, birthdates, addresses, phone numbers and email addresses were exposed, according to the company.
The hackers also accessed payment card data for an undisclosed number of customers, the company said.
“What makes this serious is the number of people involved, the intimacy of the data that was taken and the long delay between the breach and discovery,” said Mark Rasch, a former U.
