Marriott settled charges related to a data breach that exposed the information of millions of guests. The company will take steps to better protect customers’ personal information. And it will give customers more control over their information.
If you’re a Marriott customer, here’s what the settlement means for you:
- You may ask Marriott to review your Bonvoy account for unauthorized, suspicious activity. If, after an investigation, Marriott determines your loyalty points were stolen through unauthorized access to your account, Marriott will restore your stolen points.
- You may request through Marriott's website or mobile app the deletion of your personal information associated with your email address or Bonvoy account number.
- Marriott’s privacy policy must clearly state why it’s collecting your personal information and the business need for keeping it.
- You can enable multi-factor authentication on your Bonvoy account to add an extra layer of security.
Additionally, Marriott will
- put in place a comprehensive information security program that includes multi-factor authentication, encryption, and other safeguards
- cooperate with third party audits of its information security program
- only collect and keep personal information if it has a business need for it
- only use the information it collects for the purpose for which it was collected
- delete collected information when it no longer has a need for it
- not use for marketing purposes information you asked Marriott to delete
To learn more about protecting yourself after a data breach, visit IdentityTheft.gov.