Marriott Hotels International is revealing up to 500 million customers have had some of their data stolen in a breach of their Starwood guest reservation database.
The breach was discovered September 8th of this year, and further investigation revealed there had been unauthorized access since 2014.
For 327 million of these guests, data stolen includes some combination of personal information, contact information, and even passport numbers.
In some cases, encrypted payment information was stolen, but Marriott cannot confirm at this time if the hackers were able to decrypt that data.
For the remaining guests, information taken was limited to name, and occasionally email or mailing address.
Some of the brands included in the breach are Sheraton, Westin, and Four Points by Sheraton.