Marriott Data Breach: 500 Million Accounts Compromised

If you have stayed at one of Marriott’s Starwood hotels in the past few years, chances are you have been affected by a massive data breach that potentially exposed your personal data along with about 500 million other people. Your name, phone numbers, email addresses, passport number, date of birth, and potentially credit card numbers and expiration dates are at risk.

Marriott said in the coming weeks they will start reaching out to affected guests and has set up a website with information about the breach.

For those of you concerned about whether your information was stolen, here are a few steps you can take to protect yourself:

Change your passwords

We hear all the time about stupid things people do when it comes to creating passwords; the most commonly used passwords in the United States for the past several years include “123456”, “password” and some variation like “password1234”. People are easily tricked into giving away their passwords to the likes of Jimmy Kimmel or Ellen to our amusement. Before Sony was breached, they infamously kept their passwords in a file called “Passwords”!

The bottom line is it is nearly impossible to effectively create and remember all the passwords we need to function in our daily lives. It seems there are two ways people handle this. They continue to use the same (usually poor) passwords over and over or they do what I highly recommend and use some sort of password manager program. 

Enable two-step logins

Two-step logins are when two separate passcodes are required to log in to one of your online accounts. One of the most common and popular forms is called text verification, and I’m sure you’ve already experienced it. That’s where you log in to your online account with your regular username and password and then a secondary passcode is sent to your phone by text or even better, through an App like Google Authenticator. Without that second passcode, no one gets into the account.

Set up account alerts 

To monitor accounts quickly and conveniently, sign up for automatic account alerts when any transaction occurs on your account. If you spend even a dollar at a store, you receive an email or text notifying you of the purchase. If you receive an email for an amount you didn’t spend – bingo – you’re probably a victim of fraud.


Some websites and cybersecurity experts will tell you to simply place a fraud alert on your three credit profiles. I am telling you that this isn’t strong enough to protect your credit. Freezing your credit puts a password on your credit profile, so that criminals can’t apply for credit in your name (unless they steal your password too). Here are the credit freeze websites and phone numbers for each bureau.

Equifax Credit Freeze
P.O. Box 105788 Atlanta, Georgia 30348
Toll-Free: 1.800.685.1111

TransUnion Credit Freeze
Fraud Victim Assistance Department P.O. Box 6790 Fullerton, CA 92834
Toll-Free: 1.888.909.8872

Experian Credit Freeze
P.O. Box 9554 Allen, TX 75013
Toll-Free: 1.888.397.3742

Equifax is being overwhelmed by requests, so be patient and keep trying. Even if it doesn’t happen today, you need to Freeze Your Credit!