Some links to products and partners on this website will earn an affiliate commission.

Marriott has announced that data from 5.2 million customers has become freely available after the hotel chain was hacked (again!).

The Marriott Bonvoy loyalty programme has over 120 million members. 5.2 million of these are affected by the recent hacker attack on the hotel chain.

Marriott believes the hackers may have gained access to:

• Contact Details (e.g., name, mailing address, email address, and phone number)
• Loyalty Account Information (e.g., account number and points balance, but not passwords)
• Additional Personal Details (e.g., company, gender, and birthday day and month)
• Partnerships and Affiliations (e.g., linked airline loyalty programs and numbers)
• Preferences (e.g., stay/room preferences and language preference)

Although the investigation is still ongoing, the hotel chain currently has no reason to believe the hacked information included passwords. Also, it is not believed that the hackers have obtained information on debit/credit card, passport or driver’s license number. You can read the detailed announcement here .

What should you do?

Emails have been sent out to anyone believed to be affected by the hack.  Even if you have not been notified by Marriott, you can check on this website to see if your information has been leaked. In addition, you can take these precautions:

• If you have not yet activated your online access to your Marriott Bonvoy account, do so now. This will also protect your information with your chosen password.
• You will need a password that is not easy to guess. The password must also not be used elsewhere.
• You should check your Marriott Bonvoy account to see if there have been any activity you did not request. If necessary, notify member services.
• You should change your account password in the loyalty programme.
• If you are called by someone who claims to be from Marriott or receive an email purportedly from the hotel chain, do not disclose any information whatsoever. Especially not information about your credit card or password for different accounts.