Hotels

Marriott smacked with $33.7m fine over infamous data breach

Christian Fleetwood

Christian Fleetwood

The United Kingdom’s data privacy watchdog has fined Marriott International £18.4 million (around $33.7 million) for a major data breach that may have affected as many as 339 million guests.

The Information Commissioner’s Office (ICO) said the data obtained by hackers could have included names, email addresses, phone numbers, unencrypted passport numbers, arrival or departure information, and guests’ VIP status and loyalty program membership numbers.

The ICO’s investigation found that there were failures by Marriott to put appropriate safeguards in place, as required by the General Data Protection Regulation (GDPR), but acknowledged that the company had improved.

The precise number of people affected is unclear, but Marriott estimates 339 million guest records worldwide were affected following the cyber-attack in 2014 on Starwood Hotels and Resorts Worldwide Inc.

The attack, from an unknown source, remained undetected until September 2018, by which time the company had been acquired by Marriott.

However, the ICO said there may have been multiple records for an individual guest. Seven million guest records related to people in the UK.

“Personal data is precious and businesses have to look after it,” ICO information commissioner Elizabeth Denham said in a statement.

“Millions of people’s data was affected by Marriott’s failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not.

“When a business fails to look after customers’ data, the impact is not just a possible fine. What matters most is the public whose data they had a duty to protect.”

The ICO acknowledged that Marriott acted promptly to contact customers and the ICO. It also acted quickly to mitigate the risk of damage suffered by customers, the ICO said, and has since instigated several measures to improve the security of its systems.

Marriott International said it does not intend to appeal the decision, but made no admission of liability in relation to the decision or the underlying allegations.

The company added that it “deeply regrets” the incident.

“Marriott remains committed to the privacy and security of its guests’ information and continues to make significant investments in security measures for its systems, as the ICO recognises,” the company said in a statement.

“The ICO also recognises the steps taken by Marriott following discovery of the incident to promptly inform and protect the interests of its guests. Marriott wants to reassure guests that the incident and the ICO’s decision involved only Starwood’s separate network, which is no longer in use.”


Featured image source: iStock/volkan.basar


SEE WHAT PEOPLE ARE SAYING

Leave a Reply

Technology

Tripfuser rebrands as Designer Journeys

The travel tech player has capped off a major period of transformation with a new name and a fresh lick of paint.

Share

CommentComments

Travel Agents

AFTA membership renewals climb, as calls for more govt support continue

It appears agent confidence in the federation is high amid wretched industry conditions.

Share

CommentComments

Aviation

“Clearly the last thing we want to do”: Qantas and Jetstar to stand down 2,500 crew

Sadly, the ongoing impact from the Greater Sydney lockdown has forced Alan Joyce’s hand.

Share

CommentComments

Cruise

CLIA to host Virtual Cruise Forum, ACA announces new conference dates

Are you a front-row regular at the CLIA and ACA events? Well, you best jot down these new dates in your diary.

Share

CommentComments

Aviation

Aussie aviation veteran to launch airline for US territory that could be the next Bali

Located just a six-hour flight from Brisbane, this tropical island has high hopes of becoming the new Bali once it’s able to establish a travel bubble with Australia.

Share

CommentComments

Wholesalers

Abercrombie & Kent launches dreamy new domestic itineraries

Clients with a little extra cash to burn and a hankering for luxury trimmings will be delighted by this news.

Share

CommentComments

Destinations

ScoMo reveals further details of Australia’s reopening plan, as lockdown extended for South East Queensland

Just as the PM provides some hope of an end to lockdowns, one of the states has gone and tacked on a few extra days to its own.

Share

CommentComments

Tourism

Aussie skydiving instructor dies saving man in “freak accident”

The instructor is being called a hero after police revealed he took the brunt of the fall, saving the other man’s life.

Share

CommentComments

Aviation

Court rules Qantas used COVID-19 as “opportunity” to axe employees

The TWU has claimed victory over the flying kangaroo in its stoush over the outsourcing of around 2,000 ground-handling operators.

Share

CommentComments

Cruise

Ponant unveils new social media toolkit for agents

Are your cruise bookings anchored at the moment? Get them moving out to sea again with this new toolkit.

Share

CommentComments

Hotels

Independent Collection by Event appoints GMs for newly added properties

Event Hospitality & Entertainment has announced a couple of new GMs. As in general managers – not great magicians or grenadine mixologists.

Share

CommentComments

Road & Rail

Three women embark on road trip after being cheated on by the same man

The trio became close friends and travel buddies after realising they had more in common than met the eye.

Share

CommentComments