You are here: Home » News-IANS » Business-Economy
Business Standard

Marriott faces lawsuits as experts warn 500 mn affected customers

IANS  |  San Francisco 

After customers in the US sued global Marriott for exposing their data with one class-action lawsuit seeking $12.5 billion in damages, cyber experts on Monday asked nearly 500 million affected customers globally to change passwords and take other precautions.

According to a report in ZDNet on Monday, the lawsuits were filed in the US state of and

"While plaintiffs in the lawsuit didn't specify the amount of damages they were seeking from Marriott, the plaintiffs in the lawsuit want $12.5 billion in costs and losses," said the report.

on November 30 revealed that its guest reservation system was hacked, exposing the personal information of approximately 500 million guests.

According to cyber experts, questions need to be asked as to how 500 million guests have been affected by this data breach.

"While we're still only beginning to assess the true extent of the attack, ultimately, the solutions the and had in place clearly weren't sufficient enough if it allowed an unauthorised third party to get into the system," said David Emm, at

"The data was encrypted, but the attackers potentially stole the keys too - highlighting that an extra layer of security should have been in place to prevent this from happening. This data breach is now one of the most critical data breaches in history," Emm said in a statement.

The said the hack affected its Starwood reservation database, a group of hotels it bought in 2016 that included the St. Regis, Westin, Sheraton, W Hotels, and Four Points by Sheraton.

According to John Shier, Senior Security Advisor, Sophos, the potential fallout from the Marriott's Starwood data breach should be alarming to anyone who has stayed at a in the last four years.

"Not only are guests at risk for opportunistic phishing attacks, but targeted phishing emails are almost certain, as well as phone scams and potential financial fraud," said Shier.

Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft.

"At this point, however, it's unclear what level of exposure each individual victim has been subject to. Until then, all potential victims should assume the worst and take all necessary precautions to protect themselves from all manner of scams," said

Be on alert for spearphishing, opportunistic phishing, monitor your financial accounts and change passwords as a precaution, it added.

Marriott said that it reported the breach to and was also notifying regulatory authorities. The shares witnessed a maximum 8.7 per cent drop after announcing the data breach.



(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

First Published: Mon, December 03 2018. 15:42 IST