Marriott International CEO Arne Sorenson appeared before the US Senate last week to testify about a major data breach that stuck the company in November, 2018 when hackers accessed to the US-based Starwood Guest Reservation Database.
The company became suspicious of a problem on November 13th, when company investigators noticed two encrypted files had been deleted.
“Six days later, on November 19, 2018, investigators were able to decrypt the files, and found that one contained an export of a table from the Starwood Guest Reservation Database containing guest data, while the other contained an export of a table holding passport information,” Sorenson said.
Further investigation showed the breach to be potentially even more devastating than originally believed.
“On November 25 and 26, we found that, in 2015 and 2016, prior to our acquisition of Starwood, the attacker had likely created a copy of two other tables, which the attacker later deleted. The file names correspond to two other tables in the Starwood Guest Reservation Database. We have been unable to recover those files and could not determine if they had been taken,” he said.
It’s estimated the breach compromised 383 million customer records. In addition, 5.25 million unencrypted passport numbers and 18.5 million encrypted passport numbers were potentially stolen.