Marriott has some good news and some bad news about the historic hack it suffered in November.
The company originally estimated that 500 million people were affected, but an investigation conducted by a digital forensic team slimmed that number down to 383 million customers, CNET reports.
Despite the reduced victim count, it’s still one of the largest personal data breaches in history.
Hackers stole a lot of data, including names, phone numbers, email addresses and credit card numbers. They also stole 5.25 million unencrypted passport numbers and 20.3 million encrypted passport numbers.
The company announced that it would pay for passport replacements.
“As it relates to passports and potential fraud, we are setting up a process to work with our guests who believe that they have experienced fraud as a result of their passports being involved in this incident,” a Marriott spokesman told MarketWatch on Friday.“If, through that process, we determine that fraud has taken place, then the company will reimburse guests for the costs associated with getting a new passport.”
Though the culprit behind the hack hasn’t been officially named, Reuters reported in December that the hackers allegedly had ties to the Chinese government.