Marriott to 'vigorously defend' £99m fine over huge data breach

Marriott to 'vigorously defend' £99m fine over huge data breach

Marriott announced the breach in November, saying when it acquired Starwood Hotels & Resorts Worldwide Hotels in September 2016 the old reservation system was compromised. "So consumer trust in how they collect, store and use data is fundamental to building long-term relationships with customers and their willingness to share data", finsihed Aldighieri.

It is believed that more than 5m unencrypted passport numbers and millions more encrypted payment cards were accessed by threat actors during the attack.

The hack had its roots in the Starwood hotels group starting in 2014, two years before it was acquired by Marriott.

As part of its review into the incident, the ICO identified that British Airways had poor security arrangements in place to protect customers' data.

Marriott said that it would appeal any fine imposed by the regulator. Violations may lead to fines of as much as 4 per cent of a company's annual sales. It's issuing the fine in accordance with the General Data Protection Regulation, the far-reaching EU-wide privacy law introduced in May 2018.

In BA's case, its fine represented just 1.5% of its turnover in 2017 while Marriott's represented about 3% of the hotel company's $3.6bn revenue from 2018.

In a statement, Marriott President and CEO Arne Sorenson said the company has assisted the Information Commissioner's Office with its investigation. "We take the privacy and security of guest information very seriously".

The hotel chain released a statement Tuesday saying it would contest the fine.

More news: Borderlands 3 Social Features, Livestreaming Tools and More Outlined

The penalty relates to a data breach that resulted in about 339 million guests' having had their personal details exposed. It also states that firms must notify authorities about breaches within 72 hours after learning about them.

Marriott reported that as of December 31, 2018, Starwood-branded hotels are no longer using the Starwood reservation system that had been breached. The ICO rampage is only a start and should put companies that deal with personal data on high alert.

"Marriott has been co-operating with the ICO throughout its investigation into the incident, which involved a criminal attack against the Starwood guest reservation database", he said.

The penalty relates to the mega-breach the hotel chain fessed up to in November a year ago. On Monday, the watchdog announced its intention to fine British Airways £183.4 million ($230M) over a 2018 data breach.

Marriott is facing a hefty fine for failing to keep customer data safe.

THE INFORMATION COMMISSIONER'S OFFICE (ICO) has smacked Marriott International with a £99m GDPR fine over last year's security breach.

BA said it had received no reports from customers who had had money fraudulently taken out of their account. This saw people wake up to the potential of their personal data, leading to greater awareness of the role of the regulator when their data rights aren't being respected.

'When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. "That's why the law is clear - when you are entrusted with personal data you must look after it".