Marriott Starwood Data Breach Should Be A Red Flag

For those who do not yet know, Marriott International recently acquired Starwood Hotel & Resorts for $13.6 billion. In theory, that purchase was a bet by Marriott that Starwood’s successful loyalty program would bring more customers into the other Marriott properties. While that may be the case, it also seems as though they purchased a massive security risk as well.

Starwood announced that a cyber breach in their online reservation system has been leaking customer data to hackers since 2014. Apparently, unauthorized access was gained by hackers for the information of over 500 million Starwoods customers. While the information lost differed from customer to customer, it looks as though passport numbers, travel histories, loyalty program accounts, and yes, even credit card information.

Marriott Chief Executive Officer Arne Sorenson released a statement about the breach saying that, ““We fell short of what our guests deserve and what we expect of ourselves…We are doing everything we can to support our guests, and using lessons learned to be better moving forward.”.

Since a big part of the value Marriott was hoping for from this acquisition resides within the Starwood loyalty program, a major security breach affecting that program is a massive issue.

Michael Bellisario, an analyst at Robert W. Baird & Co spoke with the Insurance Journal about the implications of this breach. According to Bellisario, “Marriott’s biggest asset is the network effect of customers in the loyalty program…The big question is: ‘Does it impact the Marriott brand, and the customer desire to be rewards program members?’ It’s still too early to tell.”

Cyber risk is a silent, but devastating factor that can completely upend any kind of business acquisitions. This is a great example of that actually happening. Now, just how bad will this breach be for Marriott? Only time will tell.

Sources:
https://www.insurancejournal.com/news/national/2018/12/03/510811.htm

Leave a Reply

Your email address will not be published. Required fields are marked *