News

Marriott hotel chain fined $123 million for major data breach

The Marriott hotel chain has become the second largest company to face a severe penalty for non-compliance with the GDPR.

The British regulator Information Commissioner’s Office (ICO) reported a recovery of £ 99 million ($ 123 million) for data leakage, which occurred in 2018.

«The GDPR makes it clear that organisations must be accountable for the personal data they hold. This can include carrying out proper due diligence when making a corporate acquisition, and putting in place proper accountability measures to assess not only what personal data has been acquired, but also how it is protected», – claims British Information Commissioner Elizabeth Denham.

This data leak was discovered in November 2018, when the company revealed a compromise of the database of its subsidiary Starwood Hotels.

Elizabeth Denham
About 339 million guests came into the hands of attackers. The database included guest names, postal addresses, telephone numbers, email addresses, dates of birth, field information, arrival and departure, booking dates, etc. data 8.6 million bank cards.

Read also: British Airways will pay a record penalty for data leakage within the GDPR

An internal investigation has shown that attackers have had access to the system since 2014. An ICO investigation revealed that Mariott did not adequately verify when buying Starwood and did not properly protect its system.

«Personal data has a real value so organizations have a legal duty to ensure its security, just like they would do with any other asset. If that doesn’t happen, we will not hesitate to take strong action when necessary to protect the rights of the public», — reports in official statement Elizabeth Denham.

However, there is an opinion that for the cyberattack on the hotel network Marriott, during which personal data of 500 million users were stolen, could be responsible cybercriminals associated with the Chinese government.

Additionally, the other day it became known that the Office of the Commissioner for Information of Great Britain fined British Airways, country’s largest airlines, for non-compliance with the GDPR. The amount of the fine was a record – £183 million.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

1 day ago