It was through that investigation that the company found that the initial estimate of those affected was higher than the actual number of customers who had their information exposed. In some cases, customers' payment card information, birthdates, and passport numbers.
Following a November announcement about a hack to its Starwood reservations database, Marriott provided an update to customers Friday. The remaining 20.3 were encrypted. The company recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it. However, the company said that number is likely still too high because it counts multiple compromised records belonging to a single guest.
Following the news of the massive, four-year data security breach on November 30, Marriott International provided new updates Friday that show that the breach, while far-reaching, was not as impactful as the hotel chain originally reported.
In addition, the company now believes that about 8.6 million encrypted payment cards were involved in the incident. Marriott said that 5.25 million unencrypted passport numbers were part of the information that was compromised and accessed in the hack. "There is no evidence that the unauthorized third party accessed the master encryption key needed to decrypt the encrypted passport numbers", Marriott's new statement says. The company is continuing to analyze these numbers to better understand if they are payment card numbers and, if they are payment card numbers, the process it will put in place to assist guests.
Elliott, Cowboys power past Seahawks for 24-22 wild-card win
The Cowboys' receiving corps was already hobbled, with Cole Beasley leaving briefly in the first quarter with an ankle injury. Kicker Sebastian Janikowski grabbed his hamstring after attempting a 57-yard field goal as time expired before halftime.
The hotel company is establishing a system that will enable designated call center representatives to refer guests to appropriate resources through which individual passport numbers can be looked up to determine whether they were among the unencrypted passport numbers. Marriott says it has identified approximately 383 million records as the upper limit for the total number of guest records that were involved in the incident. However, in the updated disclosure, Marriott officials said there is "no evidence that the unauthorized third party accessed either of the components needed to decrypt the encrypted payment card numbers". They have also stated that customers can contact the listed phone numbers in order to receive a method to check if your passport numbers was one of the ones that was stored unencrypted in the database.
The security breach will mean the end of the road for the Starwood Reservations system at the center of the hack.
Marriott added that it completed the phase-out of the Starwood reservation system, the scene of the crime.