Will the Starwood hack make us sit up and take notice?

By | Category: Travel tips & opinions

One hotel at which i hace stayed – The Sheraton Dunes

When I first heard of the cyber crime of hacking into one of the Marriott group’s databases which contained 500 million people’s details I was surprised. Not because of the hack but because it contained so many people’s records. And I was one of them. I think.

I have held a Starwood’s loyalty card for many years because I regularly stayed at Sheraton hotels on my then frequent trips to the USA. But did the company really have this many travellers?

Or are these individual records so that if I stayed at a hotel ten times I would be on the file ten times?

Whatever the real answer is to the data size, this hacking is important because it looks as though passport and credit card numbers were on the records. Or some of them because under data protection rules in Europe, information should be removed at the end of a “transaction” if it is no longer relevant. Were my credit card details retained despite the fact that the card would now be out-of-date?

Keeping information about customers secure is of paramount importance in these days of cyber-theft. If the big companies, those with huge IT budgets cannot manage it should we continue to trust them with our information?

Will it mean for example, that we decide not to join their loyalty clubs and opt to remain single transaction huyers each time we book? How many of us tick a box saying that the company with which we are dealing can keep the information to make it easier to book next time? Will we be happy to do that once the full ramifications of this hacking become known?

I still have had no contact from the Starwood side of Marriott nor from Marriott. As it is, the hacking became known in early September yet, some eleven weeks later the news has only just broken. Why so long? Why wasn’t it reported to the Information Commissioner much earlier as the rules say that it should?

Lawyers are in the process of filing a class action against Marriott. Data protection agencies around the world will also be looking at this because of the sensitivity of the data involved.

This may be the case that should make us all wake-up and consider what data is held about us not just by travel companies but by all organisations.

Tags: , , , ,