Summary box
- Incident date
- 01 Sept 2018
- Reported date
- 30 Nov 2018
- Sources verified
- 2
Back to breach centre
Marriott breach guide
Marriott data breach: what happened and what to do next
You do not need drama. You need signal. Here is the fast reality: what was reported, what may be exposed, and the practical moves worth doing right now.
Status: Confirmed
Last updated: 22 May 2026
Company
Marriott
Status
Confirmed
Data potentially exposed
Names, Addresses, Passport data, Travel details
Affected scope
Large guest datasets were reported as impacted in the Starwood reservation system incident.
1. What happened?
Marriott disclosed a major reservation-system compromise affecting guest identity and travel data.
- Unauthorized activity persisted in reservation infrastructure before detection.
- Guest and travel-linked records were exposed at scale.
- The incident raised concerns about travel-pattern intelligence misuse.
2. Who may be affected?
- Guests in affected reservation systems.
- Frequent travelers with long booking histories.
- Users with exposed profile and contact details.
3. What should users do now?
- Treat travel-themed phishing and booking alerts with caution.
- Rotate reused credentials tied to travel programs.
- Enable MFA where loyalty and inbox accounts support it.
- Monitor for impersonation and reward-account misuse.
4. How exposure can spread beyond one incident
Travel-pattern and identity data can be leveraged for high-trust social engineering attempts.
5. How Hushfolk helps
Hushfolk helps identify where travel-related exposure may connect to broader identity risk signals.
Terms in this article
New to security jargon? These quick definitions keep the page readable.
Need the full list? Open the security glossary.