Marriott International announced on Nov. 30 that a massive security breach inside the Starwood guest reservation database compromised the personal and financial information of as many as 500 million guests worldwide.
The company believes the initial breach happened to Starwood Hotels two years before Marriott purchased the brand.
As part of the investigation, the company discovered there had been unauthorized access since 2014 and that an "unauthorized party" had copied and encrypted the information.
The breach hit customers who made reservations for the Marriott-owned Starwood hotels, which include the W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, The Luxury Collection, Le Meridien, and Four Points.
The breach was found to include information such as passport numbers, email addresses, addresses, phone numbers, and some credit card numbers.
It's potentially one of the largest breaches of consumer data ever, behind the hacking of 3 billion Yahoo accounts in 2013.
Cyber security expert Emmanuel Schalit, CEO of Dashlane, gave some tips for potential victims.
"It's an event of extreme magnitude for this place so what can people do? The first thing is watch for abnormal activity on their financial records," said Schalit.
"It costs you so little to change any passwords that is related to Marriott or Starwood that that should be your very first action anyway," he added.
Aside from frequently changing passwords, it is also important to monitor your accounts and report any fraud.
This latest breach is a helpful reminder to everyone to pay more attention to security.
"It's about a shift in attitude and behavior of people to start treating their digital identity differently to start taking control of it," Schalit said.