Fewer affected in Marriott hack, but passports were accessed

CHICAGO, IL - NOVEMBER 30: A sign marks the location of a Fairfield Inn & Suites Marriott hotel on November 30, 2018 in Chicago, Illinois. Marriott says their Starwood guest reservation database was hacked, compromising the security of private information for up to 500 million hotel customers. (Photo by Scott Olson/Getty Images)

Marriott says fewer guest records were compromised than feared in a previously announced data breach.

But the largest hotel chain in the world confirmed Friday that approximately 5.25 million unencrypted passport numbers were accessed.

The compromise of those passport numbers has raised alarms among security experts because, combined with names, addresses and other personal information, they can be used to open fraudulent accounts, or be used by foreign operators.

The FBI is leading the investigation of the hack and investigators suspect the hackers were working on behalf of the Chinese Ministry of State Security.

The hackers accessed about 20.3 million encrypted passport numbers. There is no evidence that they were able to use the master encryption key required to gain access to that data.

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.