Latest in Gear

Image credit: Roberto Machado Noa/LightRocket via Getty Images

Marriott faces $123 million UK fine over data breach

The hotel chain allegedly violated the GDPR through lax oversight.
123 Shares
Share
Tweet
Share
Save

Sponsored Links

Roberto Machado Noa/LightRocket via Getty Images

Marriott might soon face a stiff penalty for the massive November 2018 data breach. The UK's Information Commissioner's Office plans to fine the hotel chain £99,200,396 (about $123.7 million) for allegedly violating the EU's General Data Protection Regulation through the incident. Marriott didn't conduct "sufficient due diligence" when it bought Starwood, according to the regulator, and "should also have done more" to improve security.

Starwood's systems were compromised as soon as 2014, but Marriott didn't disclose the breach until 2018 -- two years after it completed the takeover of Starwood. It's now estimated that about 339 million guests were exposed, 30 million of them in the European Economic Area and 7 million of them in the UK. Over 5 million unencrypted passport numbers were affected by the intrusion.

While the ICO said Marriott had cooperated with the investigation and improved its security since the breach, it's not going to fine the hotel giant without a fight. Marriott said in a statement that it was "disappointed" with the outcome and intended to "contest" the potential fine. It might not earn much sympathy from officials, though. The ICO has already signaled plans to fine British Airways $230 million for a data breach, and that was for a two-week period. It's not likely to go easy on Marriott when the company theoretically had years to detect and address a security concern.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
123 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget’s guide to Home Entertainment

Engadget’s guide to Home Entertainment

View
Safari in iOS sends some Safe Browsing data to Tencent

Safari in iOS sends some Safe Browsing data to Tencent

View
US says digital assets are covered by money laundering and disclosure laws

US says digital assets are covered by money laundering and disclosure laws

View
San Francisco's proposed office would prevent 'reckless' tech rollouts

San Francisco's proposed office would prevent 'reckless' tech rollouts

View
Porsche's Macan EV will fully replace its gas counterpart in a few years

Porsche's Macan EV will fully replace its gas counterpart in a few years

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr