Matt Rourke, AP
This Feb. 1, 2010, file photo, shows the Westin Philadelphia hotel in Philadelphia. Two years ago Marriott International bought Starwood, which owned the Westin brand.

SALT LAKE CITY — About 500 million Marriott customers have had their data hacked after staying at W, Sheraton and Westin hotels, according to the hotel company.

What’s going on: Marriott announced Friday that 500 million people had their data hacked after they stayed at one of the hotels.

What was stolen: The breach occurred within the Starwood guest authorization database, which holds plenty of information about customers. The company said some combination of people’s names, addresses, passport numbers, dates of birth and other information was stolen in the breach.

The company said an unspecified number of people had their credit card information stolen, too. Though that information is encrypted, the hackers may have capabilities of breaking through the encryption, Business Insider reports.

Brands: The hack could have also affected anyone who stayed in a Starwood property on or before Sept. 10. Those hotels include:

  • W Hotels
  • St. Regis
  • Sheraton Hotels & Resorts
  • Westin Hotels & Resorts
  • Element Hotels
  • Aloft Hotels
  • The Luxury Collection
  • Tribute Portfolio Le Méridien Hotels & Resort
  • Four Points by Sheraton Design Hotels

How: Marriott said an internal security tool alerted the company of the hack. The company investigated the matter and decided an "unauthorized party had copied and encrypted information,” according to BBC News.

Comment on this story

Response: "We deeply regret this incident happened," the company said in a statement. "Marriott reported this incident to law enforcement and continues to support their investigation. The company has already begun notifying regulatory authorities."

What's next: Marriott is investigating the hack. The company will work with authorities in the investigation.

The company will email any guests impacted by the hack, CNN reports.

Flashback: The company said the hack has been happening since 2014. It likely affected anyone who booked on or before Sept. 10, according to Business Insider.