Marriott Breach Puts Spotlight On Hotel Cyber Risk

Marriott International Inc.’s disclosure last week of a massive data breach illustrates the potential vulnerability of the hospitality sector, which plays host to mountains of personal information via hotel bookings and loyalty programs, experts say. Already the target of past cyberattacks, hotels should ensure they have consistently high levels of security throughout their franchises and conduct cyber due diligence prior to mergers and acquisitions, they say. Bethesda, Maryland-based Marriott said Nov. 30 that hackers accessed up to 500 million customer records in its Starwood Hotel unit’s reservation system in an attack that began four years ago, prior to Marriott’s ownership of the brand, exposing data including passport numbers and payment cards. The hotel chain said it buys cyber insurance coverage but it is too early to estimate the financial impact of the breach.