Hotel chain Marriott was given a 18.4 million pound data breach. Among them are millions of customer contacts. Marriott said it did not intend to appeal the decision but does not accept liability in relation to the decision or any underlying allegations. A cyber attack from an unknown source impacted the hotel networks, but wasn’t discovered until two years ago. Marriott was fined for failing to keep customers data secure. Marriott estimates that 340 million guest data were affected worldwide.
It is believed that the customer data varied from person to person, but may have included names, contact details, arrival and departure data. The exact number of people affected is unclear as there may have been many files for a single guest, but around million data related to individuals in the UK.
Millions Of People Have Been Hacked By Marriott’s Failure
Thousands called the hotline and others may have had to take steps to get their individual data because the company they trusted hadn’t. If a company doesn’t maintain customer data, the impact isn’t just a fine. Most important are the customers, whose data must be protected. The regulator admits that Marriott responded promptly to customers and has since taken a few steps to improve the security of its networks. Marriott deeply regrets the incident. Marriott remains committed to the security of its guests information and continues to invest heavily in security measures for its networks.
Marriott participated in the investigation and has improved its security measures since these events became known. The company will now have the opportunity to comment on the proposed findings. As part of the GDPR provisions, the data security in the EU whose residents are hacked also have the opportunity to comment on the results of the investigation. Experts say that the case will carefully review the statements made by the company and the other security authorities concerned before making the final decision.
In a statement released yesterday, the ICO said: “As part of the regulatory process, the ICO considered representations from Marriott, the steps Marriott took to mitigate the effects of the incident and the economic impact of COVID-19 on their business before setting a final penalty.”