More than 5 million unencrypted passport numbers were stolen as part of the Marriott data breach last year, according to an update from the hotel giant.
The information accessed in the breach, which was first disclosed on Nov. 30, also includes approximately 20.3 million encrypted passport numbers, the Bethesda, Md.-based hotel chain revealed in an online statement Friday.
Also exposed in the Marriott data breach are approximately 8.6 million encrypted payment cards, 354,000 of which were unexpired as of September 2018, the company said. Marriott added there is no evidence the threat actors accessed the master encryption key needed to decrypt the encrypted passport and payment card numbers.