Hotels

Marriott smacked with $33.7m fine over infamous data breach

Christian Fleetwood

Christian Fleetwood

The United Kingdom’s data privacy watchdog has fined Marriott International £18.4 million (around $33.7 million) for a major data breach that may have affected as many as 339 million guests.

The Information Commissioner’s Office (ICO) said the data obtained by hackers could have included names, email addresses, phone numbers, unencrypted passport numbers, arrival or departure information, and guests’ VIP status and loyalty program membership numbers.

The ICO’s investigation found that there were failures by Marriott to put appropriate safeguards in place, as required by the General Data Protection Regulation (GDPR), but acknowledged that the company had improved.

The precise number of people affected is unclear, but Marriott estimates 339 million guest records worldwide were affected following the cyber-attack in 2014 on Starwood Hotels and Resorts Worldwide Inc.

The attack, from an unknown source, remained undetected until September 2018, by which time the company had been acquired by Marriott.

However, the ICO said there may have been multiple records for an individual guest. Seven million guest records related to people in the UK.

“Personal data is precious and businesses have to look after it,” ICO information commissioner Elizabeth Denham said in a statement.

“Millions of people’s data was affected by Marriott’s failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not.

“When a business fails to look after customers’ data, the impact is not just a possible fine. What matters most is the public whose data they had a duty to protect.”

The ICO acknowledged that Marriott acted promptly to contact customers and the ICO. It also acted quickly to mitigate the risk of damage suffered by customers, the ICO said, and has since instigated several measures to improve the security of its systems.

Marriott International said it does not intend to appeal the decision, but made no admission of liability in relation to the decision or the underlying allegations.

The company added that it “deeply regrets” the incident.

“Marriott remains committed to the privacy and security of its guests’ information and continues to make significant investments in security measures for its systems, as the ICO recognises,” the company said in a statement.

“The ICO also recognises the steps taken by Marriott following discovery of the incident to promptly inform and protect the interests of its guests. Marriott wants to reassure guests that the incident and the ICO’s decision involved only Starwood’s separate network, which is no longer in use.”


Featured image source: iStock/volkan.basar



SEE WHAT PEOPLE ARE SAYING

Leave a Reply

News

Industry movements: New hires at Intrepid, TravelManagers, Silversea and more

Keep tabs on all the latest movements in the industry, find who you need to shmooze at the next networking event and suss out all the latest gossip right here.

Share

CommentComments

Cruise

Coral Princess brings cruising back to Newcastle

Cruising has returned to Newy, marking more opportunities for the locals to hang out by the water and wear thongs.

Share

CommentComments

Hotels

Soneva introduces cryptocurrency payments at its resorts

This new update could mean that other travel companies may soon accept crypto, and then someone may finally buy our Travel Weekly NFT!

Share

CommentComments

Tourism

Paul Hogan gets top Tourism Australia honour

Hogan was reportedly quite happy with the award, but quietly disappointed that it wasn’t a knife which he could compare with his larger knife.

Share

CommentComments

Events

Missed the Visit USA Expos? Fear not, we’ve got your biggest questions covered.

by sponsored by Visit USA Australia

No more FOMO! These hot tips will get you in top-tip shape to visit the USA.

Share

CommentComments

News

Jucy to expand rental car fleet with $40m worth of new inventory

Jucy is a vehicle rental operator, not the company that makes those pink velour track pants, in case you were also a bit confused.

Share

CommentComments

Aviation

Qantas group engineers vote to strike

More than 700 Qantas, Jetstar and Network Aviation’s maintenance engineers are in favour of industrial action over pay negotiations.

Share

CommentComments

Events

NTIA 2022 tickets are on sale!

Industry events are a great opportunity to do some networking, reconnect with friends, and wake up the next day with a crippling hangover and anxiety about what you might have said to your boss.

Share

CommentComments

Events

Virtuoso announces its first tech summit

Meanwhile, Travel Weekly will be attempting our first mountain summit. Though it’s not really a mountain, but a hill near our office we try and avoid if possible.

Share

CommentComments

Tourism

Aussie representatives made their mark at Australia Marketplace North America

Its rumoured that some of the reps spent the whole time warning Americans about drop bears and telling people how to ride a kangaroo.

Share

CommentComments

Cruise

Tourists stranded as Europe’s rivers continue to drop

Water levels across Europe’s rivers continue to plague cruise operators with reports of marooned boats on the Doubs River.

Share

CommentComments

Hotels

Midweek Interview

Midweek catch-up with Italian hotelier Gaia Quartucci

This week, we sat down with Gaia Quartucci, global sales and marketing director for part of the Small Luxury Hotels of the world group.

Share

CommentComments