The breach was made sometime in January, 2020, through an internal software program. It exposed information including name, mailing address, email address, phone number, loyalty account number and point balance, company name, gender, birth day and month, information on the customer’s preferences (e.g. room and language preferences), and details on partnerships and affiliations (e.g. linked airline loyalty programs).
We don’t think twice about enrolling in loyalty programs. We get points, discounts, upgrades, and don’t have to repeat ourselves about our preferences. However, we expose the information to risk every time. Next time you’re asked to sign up and think “what have I got to lose?” think about this risk exposure.