The world’s largest hotel group disclosed that its Starwood Hotels & Resorts guest database had been illegally accessed, and that the payment card information of up to 500 million guests could have been taken . About 327 million people, according to Marriott, had at least their names, mailing addresses, phone numbers, passport numbers, guest reservation numbers, dates of birth and other identifying information compromised. While payment card numbers and expiration dates were encrypted, it is believed the attackers may have taken components needed to decrypt them. (Financial Times)

Talking point: This appears to be the largest publicly-disclosed data breach since Yahoo said one billion of its users were compromised in 2013, a figure it later raised to three billion. Marriott bought the Starwood chain for US$13.6 billion in 2016, and said it doesn’t anticipate the breach will “impact its long term financial health”—the company’s stock had fallen 5.78 per cent to US$114.80 as of late afternoon trading.