The hotel giant has produced the official numbers related to the massive computer hack they have face at the end of November 2018. But some of the information stolen could prove valuable to foreign intelligence services.
The extent of piracy against several chains of the global hotel giant Marriott, revealed at the end of November, is less significant than expected. But the particularly sensitive nature of some compromised information could be a goldmine for the foreign intelligence services that would get their hands on it.
In a statement issued on Friday, January 4, the world’s largest hotel company provided more details on the number of elements stolen by hackers in the cyber attack that targeted a database of reservations for its brands Starwood, W Hotels, Sheraton Hotels and Resorts, Westin Hotels and Resorts, Le Méridien Hotels and Resorts and Four Points by Sheraton.
At the end of November, Marriot Hotels announced that the hacking might have revealed the personal information of 500 million customers. According to the latest assessment, a maximum of 383 million cases are finally involved. But it is unlikely that 383 million people will be affected because some customers had several registrations.
China behind this act of piracy?
More worryingly, the group also estimates that the numbers of approximately 5.25 million passports not protected by an encryption protocol are among the information that has fallen into the hands of hackers. About 20 million encrypted passports were also included in the database, but the attackers do not have the decryption key a priori.
Unencrypted passport information could prove valuable to foreign espionage agencies, which could more easily track the international movements of government officials and business leaders and cross-check the data with other information to create detailed records on specific economic or political targets. At the end of November, the US chief of diplomacy blamed the attack on China. Many outside observers also agree.
Given the trade war between the United States and China, the USA suspects that China is trying to recruit Western executives to work for China or to give bribes to politicians.
Marriott indicated at the time that the database included information on names, addresses, emails, telephone and passport numbers, dates of birth and some loyalty card details. The group now estimates that the data of approximately 8.6 million payment cards were also included. Marriott has created a dedicated website and a call center. The site for the webpage is info.starwoodhotels.com.