If you’ve booked a stay at a Starwood hotel, including a St. Regis, Westin, or W Hotel between 2014 and 2018, there’s good news and bad news. The bad news: your personal data, including your name, passport information, address, phone number, and email may have been stolen. The good news: Marriott will pay for new passports for those affected.

In what’s being called one of the largest customer data breaches in history, up to 500 million people who booked through the hotel group’s online database may be at risk for identity theft. Marriott is doing what it can to help, however, by offering to reimburse victims for the cost of new passports.

“We’re setting up a process,” Marriott told MarketWatch, “to work with our guests who believe that they have experienced fraud as a result of their passports being involved in this incident. If, through that process, we determine that fraud has taken place, then the company will reimburse guests for the costs associated with getting a new passport.”

According to Marriott’s estimates, up to 327 million guests may have had their passport number compromised. Since each new passport costs $110, this could potentially lead to a huge expense for Marriott.

The hotel group is also offering a free identity theft monitoring program, so customers can keep tabs on the security of their personal information, and reach out if they believe there’s been any fraud.

H/T: Travel & Leisure