Marriott said last week that teams of forensic and data analysts had identified “approximately 383 million records as the upper limit” for the total number of guest reservations records in the Starwood reservations system lost in the data breach announced in November. The company said that the biggest hacking of personal information in history was not quite as big as first feared but for the first time conceded that its Starwood hotel unit did not encrypt the passport numbers for roughly 5 million guests. So far, there are no known cases in which stolen passport or credit card information was found in fraudulent transactions. The company said about 8.6 million credit and debit cards were “involved” in the incident, but those were all encrypted — and all but 354,000 cards had expired by September 2018, when the hacking, which went on for years, was discovered.