Photo: Justefrain
About 500 million Marriott customers appear to have had their credit or debit card numbers stolen four years ago.
These consumers are at risk for existing account fraud and should consider requesting a new card. All consumers should check their monthly credit card and bank statements.
“The Marriott breach raises serious questions about Marriott’s data security and its response,” said Mike Litt, consumer campaigns director for U.S. PIRG, a public interest organization. “For starters, how did Marriott’s data breach go unnoticed for four years?”
Litt said Marriott should do a better job explaining the risks posed by its breach and what consumers can do to protect themselves.
Marriott is offering a free service for a year that will alert you if your personal information is found on websites that share stolen information. However, even in the absence of an alert, consumers should act as if their personal information is already out there, he said.
Other pieces of information stolen in this breach, including dates of birth, don’t appear usable for identity theft or fraud on their own. But this information could pose serious threats if coupled with more valuable personal information, such as Social Security numbers, stolen in other breaches or from phishing scams.
Here are steps you can take to protect yourself from fraud:
- New account fraud including cell phone, credit card, loan, and utility accounts: Get credit freezes at all three nationwide credit bureaus –Equifax, Experian, and TransUnion.
- Tax refund fraud: File your taxes as soon as possible, before thieves do. Also, if you qualify, get an Identity Protection PIN.
- Social Security benefits fraud: Sign up for your“my Social Security” (MySSA) account before thieves claim it and change your direct deposit information to route into their checking accounts.
- Health care services/medical benefits fraud: Sign up for online accounts with your health care and insurance providers to periodically check for any fraudulent services on your statements.
- Other fraudulent activity: Check your free annual consumer reports with companies that specialize in collecting information often misused by criminals.
- Phishing scams: Ignore unsolicited requests for information by email, links, phone calls, pop-up windows, or text messages. Marriott will notify its affected customers about its breach by email (starwoodhotels@email-marriott.com) and has said it won’t ask for personal information or include attachments.
For more tips for protecting yourself from identity theft and fraud see the ID Theft and Privacy Checklist.
