
Almost all customer information compromised through a type of hacking by employees
The company believes that the following information may have been involved for up to approximately 5.2 million guests, although not all of this information was present for every guest involved:
- contact details (e.g., name, mailing address, email address, and phone number)
- loyalty account information (e.g., account number and points balance, but not passwords)
- additional personal details (e.g., company, gender, and birthday day and month)
- partnerships and affiliations (e.g., linked airline loyalty programs and numbers)
- preferences (e.g., stay/room preferences and language preference)