Loading articles...

Vancouver lawyer files civil claim over Marriott client data breach

Last Updated Dec 18, 2018 at 6:23 pm PST

In this Tuesday, April 30, 2013, file photo, a man works on a new Marriott sign in front of the former Peabody Hotel in Little Rock, Ark. Canadians have started receiving emails from Marriott International, informing them of a recent breach of personal data held by their Starwood hotel properties. THE CANADIAN PRESS/AP/Danny Johnston, File

VANCOUVER (NEWS 1130) — A Vancouver law firm has filed a civil claim on behalf of Marriott hotel customers who may have had their privacy violated in a years-long security breach.

Kevin McLaren, a partner with Hammerberg Lawyers, says it’s not clear how many B.C. clients are affected, but up to 500 million guests could be victims of a breach that happened in 2014 and wasn’t detected until Sept. 10 this year.

“We’ve had a number of people reach out indicating that they’ve stayed at the Starwood properties and then we’ve had a number of people who also reached out indicating that they had received an email from Marriott indicating that they were possibly subject to the data breach,” McLaren tells NEWS 1130.

In a news release last month, Marriott International says an “unauthorized party” has stolen an array of personal information on Marriott and Starwood clients and that the company was able to decrypt the data, which it found out were duplicates of guest data.

“For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences,” the release reads.

Credit card information was also taken but Marriott writes it uses “Advanced Encryption Standard encryption” to secure payment information.

McLaren says the next step involves rounding up any possible victims from B.C. and having this case certified as class action.

“On a rolling basis, they are emailing people who may be affected,” McLaren says. “As far as I’m aware, they haven’t emailed everybody yet.”