The biggest threat is not that a criminal could open a credit card in your name and make fraudulent transactions; that would get fixed quickly since credit card companies know about the problem, he says. “If someone picked up a driver’s license in your name, that’s a lot more of a serious problem for you,” Steinberg says.
A criminal could also use the information to embark on medical identity theft, says Rebecca Herold, CEO of cyber consulting group Privacy Professor, and a credit freeze won’t prevent that, either. “People need to understand that [a credit freeze] is very limited in scope to what it will prevent in a breach such as this,” she says.
Freezes are best implemented when financial information has been compromised, independent computer security analyst Graham Cluley tells CNBC Make It, and that does not seem to be the case with Marriott.
“At the moment there’s no indication that payment details have been compromised by scammers, and I would imagine that on a breach of this scale that Marriott would work with the banks to proactively block cards if they believe that they are likely to be,” Cluley says.
It’s a tricky situation, Cluley says. After all, you’re unlikely to change your name, your address, your phone number or your passport number. “Many people, I suspect, won’t even change what hotel they book for their vacations — after all, this is the world’s biggest hotel chain, and there are many other hotels that have been hacked in the past,” he says.