Fewer Marriott guest records that previously feared were compromised in the massive data breach, but the largest hotel chain in the world confirmed that approximately 5.25 million unencrypted passport numbers were accessed. The compromise of those passport numbers has raised alarms among security experts because of their value to state intelligence agencies.
The FBI is leading the investigation of the data theft and investigators suspect the hackers were working on behalf of the Chinese Ministry of State Security, the rough equivalent of the CIA. The hackers also accessed about 20.3 million encrypted passport numbers. There is no evidence that they were able to use the master encryption key required to gain access to that data.
Read more about the Marriott data breach investigation on SecurityWeek.