It has happened again! On Tuesday, Marriott announced that confidential information on up to 5.2 million guests was compromised recently, including names, phone numbers, birth dates, room preferences and loyalty plan numbers. The data was allegedly accessed beginning in January by an unauthorized party that was able to access an application that is used by internal staff to look up guest information. For those counting, this is the second breach for the Marriott organization in 2 years.

There are a few options for checking to see if your account is in the list of compromised accounts.

1 – You should have received an email from “marriott@email-marriott.com” on March 31st if Marriott determined your account was included in the breach. That’s assuming your spam filters didn’t keep it from your inbox.

2 – There is an online form you can use to check your account. After you provide a few details, there is a multi-step verification process to confirm your identity before Marriott gives you an answer. Don’t be too concerned though – it only took me about 5 minutes to get an answer about my account.

3 – You can also call a hotline at (800) 598-9655 if you are in the US or Canada. If you are in other countries, you can check out Marriott’s Incident Notification page for additional phone numbers and instructions.

This breach demonstrates the importance of multi-factor authentication for any system that holds sensitive data, including internal systems. It’s also worth noting that you should be mindful about scammers attempting to use this breach as a way to contact you posing as Marriott to try to trick you into providing your credit card or other sensitive information.

If you found this post helpful, please share it with a colleague so that they can check their info.