News Release

Contact

The Marriott breach: why it’s bad and what you can do to protect yourself

For Immediate Release

“The Marriott breach raises serious questions about Marriott’s data security and its response. For starters, how did Marriott’s data breach go unnoticed for four years?

Marriott should do a better job explaining the risks posed by its breach and what consumers can do to protect themselves.

Marriott is offering a free service for a year that will alert you if your personal information is found on websites that share stolen info. However, even in the absence of an alert, consumers should act as if their personal information is already out there.

Some of the 500 million customers affected appear to have had their credit or debit  card numbers stolen. These consumers are at risk for existing account fraud and should consider requesting a new card. All consumers should check their monthly credit card and bank statements.

Other pieces of information stolen in this breach, including dates of birth, do not appear usable for identity theft or fraud on their own. But this information could pose serious threats if coupled with more valuable personal information, such as Social Security numbers, stolen in other breaches or from phishing scams.

Here are steps you can take to protect yourself from  fraud:

  • New Account Fraud (including cell phone, credit card, loan and utilities accounts): Get credit freezes at all three nationwide credit bureaus --,, and.

  • Tax Refund Fraud: File your taxes as soon as possible, before thieves do. Also,, get an Identity Protection (IP) PIN.

  • Social Security Benefits Fraud: Sign up for your before thieves claim it and change your direct deposit info to route into their checking accounts.

  • Health Care Services/Medical Benefits Fraud: Sign up for online accounts with your health care and insurance providers to periodically check for any fraudulent services on your statements.

  • Other Fraudulent Activity: Check your free annual consumer reports with companies that often misused by criminals.

  • Phishing Scams: Ignore unsolicited requests for information by email, links, phone calls, pop-up windows or text messages. Marriott will notify its affected customers about its breach by email ([email protected]) and has said it will not ask for personal information or include attachments.

More tips for protecting yourself from identity theft and fraud are available here.”

-30-

is an independent, non-partisan group that works for consumers and the public interest. Through research, public education and outreach, we serve as counterweights to the influence of powerful special interests that threaten our health, safety, or well-being.

Support Us

Your donation supports U.S. PIRG’s work to stand up for consumers on the issues that matter, especially when powerful interests are blocking progress.

Consumer Alerts

Join our network and stay up to date on our campaigns, get important consumer updates and take action on critical issues.
Optional Member Code