David Shephardson reports:
Marriott International Inc Chief Executive Arne Sorenson apologized on Thursday before a U.S. Senate panel for a massive data breach involving up to 383 million guests in its Starwood hotels reservation system and vowed to protect against future attacks.
[…]
Committee Chairman Rob Portman noted that Starwood said it had discovered malware in November 2015 – before Marriott purchased it – on some systems designed to steal credit card information but Starwood said at the time it “did not impact its guest reservation database.”
Sorenson said there was evidence of an unauthorized party on the Starwood network since July 2014 but “our investigators had found no evidence the attacker had accessed guest data” until mid-November 2018.