The company also says that as per its breach investigation, 25.6 million passport numbers were exposed in the fraud attack, out of which 5.25 million were unencrypted. Also approximately 8.6 million encrypted payment cards that were being stored by Marriott were exposed as well.
However, Marriot comments that by the time the breach was discovered, the majority of the payment cards were expired. Only 354,000 were still active as of September 2018. Regarding the passport data, Marriott does not believe the third party accessed the encryption key needed to access the payment cards.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now