WORLDWIDE Hilton Worldwide and Marriott International are among more than two dozen companies whose customer data was stolen in a massive security breach of email marketing firm Epsilon.
Hilton confirmed the breach in a Monday email to members of the HHonors loyalty program, while Marriott has likewise released a statement. At least two other hospitality companies, Red Roof Inn and The Walt Disney Co., appear on a list of affected companies posted by SecurityWeek magazine.
The breach involves only customer names and email addresses, according to Epsilon. So while it is unlikely that hackers will be able to steal money or identities of the victims, there is concern that the information could be used for “targeted phishing”—a type of email spam that uses fake emails claiming to be from familiar companies to get users to divulge information about themselves.
In its message notifying customers of the issue, Hilton HHonors advises them not to open emails from unknown senders and not to share personal information over email. Hilton also reminds its customers that it will never ask for sensitive personal data—credit card numbers, social security numbers and the like—to be transmitted over email.