You are hereHome >
“The Marriott breach raises serious questions about Marriott’s data security and its response. For starters, how did Marriott’s data breach go unnoticed for four years?
Marriott should do a better job explaining the risks posed by its breach and what consumers can do to protect themselves.
Marriott is offering a free service for a year that will alert you if your personal information is found on websites that share stolen info. However, even in the absence of an alert, consumers should act as if their personal information is already out there.
Some of the 500 million customers affected appear to have had their credit or debit card numbers stolen. These consumers are at risk for existing account fraud and should consider requesting a new card. All consumers should check their monthly credit card and bank statements.
Other pieces of information stolen in this breach, including dates of birth, do not appear usable for identity theft or fraud on their own. But this information could pose serious threats if coupled with more valuable personal information, such as Social Security numbers, stolen in other breaches or from phishing scams.
Here are steps you can take to protect yourself from fraud:
Tax Refund Fraud: File your taxes as soon as possible, before thieves do. Also, if you qualify, get an Identity Protection (IP) PIN.
Social Security Benefits Fraud: Sign up for your “my Social Security” (MySSA) account before thieves claim it and change your direct deposit info to route into their checking accounts.
Health Care Services/Medical Benefits Fraud: Sign up for online accounts with your health care and insurance providers to periodically check for any fraudulent services on your statements.
Other Fraudulent Activity: Check your free annual consumer reports with companies that specialize in collecting information often misused by criminals.
Phishing Scams: Ignore unsolicited requests for information by email, links, phone calls, pop-up windows or text messages. Marriott will notify its affected customers about its breach by email (firstname.lastname@example.org) and has said it will not ask for personal information or include attachments.
More tips for protecting yourself from identity theft and fraud are available here.”
U.S. PIRG (Public Interest Research Group) Education Fund is an independent, non-partisan group that works for consumers and the public interest. Through research, public education and outreach, we serve as counterweights to the influence of powerful special interests that threaten our health, safety, or well-being.
Your donation supports U.S. PIRG’s work to stand up for consumers on the issues that matter, especially when powerful interests are blocking progress.