Marriott International CEO Anne Sorenson apologised to a US Senate subcommittee hearing for the company’s data breach which affected 383 million guests.
When pressed about who was responsible for the hack, Sorenson Marriott was still unsure.
“The short answer is we don’t know. We’ve simply been focused on making sure the door is closed,” said Sorenson.
Sorenson said in the future Marriott would likely encrypt passport information and store it at a property level rather than in a centralised database.
Marriott has had no evidence so far that any of the stolen data has been put up for sale or distributed in any other way.
“We have not been notified by any banks or card networks that Starwood has been identified as a common point of purchase in any fraudulent transactions.”
Looking forward, Marriott is trying to take the incident as a learning experience and become an industry leader in regard to cybersecurity.
“We are working to identify ways that we can be an industry leader on these issues. We know that this is a race that has no finish line. Cyber-attacks are a pervasive threat. At Marriott, we are committed to taking care of our guests and to proactively finding ways to protect against, detect, and respond to these evolving cyber threats.”
