Marriott announced last week that it had suffered a massive data breach, affecting over 327 million Starwood guests. Hackers made off with personal guest data such as addresses, emails, passport and credit card numbers.
While the data breach is certainly high-profile, especially as Marriott continues to struggle with its Marriott Rewards-Starwood Preferred Guest integration, it’s not unique, even in the travel industry. Uber was recently hit with a $1.2 million fine by British and Dutch authorities for a 2016 hack that compromised almost 60 million users, and British Airways suffered a hack three months ago that affected 380,000 payments. These breaches incur hefty fines and PR headaches for travel companies and Marriott should be no exception.
However, it’s unlikely that the breach will extend from consumer data to customer trust. Americans love to travel and even are willing to trade away their personal data if a company satisfies their travel needs. According to Mintel research on frequent travel programs, almost two-thirds of loyalty program members are comfortable giving out their personal information if it means a program can give more personalized offers in return. The ramifications of data breaches aren’t necessarily top of mind or considered an issue serious enough to switch companies, even after last year’s Equifax data breach. Mintel research on perceptions of credit and credit monitoring finds that fewer than half of consumers are worried about identity theft affecting their credit score.
Additionally, loyalty members don’t seem to worry about data breaches until they need to. Skift spoke to several Marriott loyalty members who didn’t show a lot of concern about the breach. “I am not concerned. They said I would be getting an email if I am affected and they are starting to send them out today. Kudos to Marriott that I found out about this from them before I found out about it from anyone else,” said a loyalty member. Another loyalty member was willing to give Marriott a pass as long as they correct the error and learn from their mistake.
What we think
Marriott has acknowledged the breach and is getting ahead of identity thieves by alerting those customers who have been affected. The hospitality giant is also offering one year of free service with WebWatcher, a computer and mobile device monitoring software that alerts affected customers if their data is being used elsewhere. Many of these steps have been used by past breach victims such as Target, but the quick response from Marriott seems sufficient for consumers. Time will tell if Marriott is an unfortunate exception, but as long as Marriott keeps providing timely and efficient responses, guests will continue handing over their dollars and personal information.