Security News > 2020 > October > Britain Fines US Hotel Chain Marriott Over Data Breach

Britain's data privacy watchdog on Friday said it has fined US hotels group Marriott over a data breach affecting millions of customers worldwide.
The UK Information Commissioner's Office said in a statement it fined Marriott £18.4 million for breaches of data that included personal information such as passport numbers since March 2018.
Since the breach occurred before Britain left the European Union, the ICO investigated on behalf of all EU authorities as lead supervisory authority under the GDPR. The ICO said Marriott's breach in fact dated back to 2014, uncovering client data including passport numbers.
"The personal data involved differed between individuals but may have included names, email addresses, phone numbers, unencrypted passport numbers, arrival/departure information, guests' VIP status and loyalty programme membership number," it said.
"Millions of people's data were affected by Marriott's failure... When a business fails to look after customers' data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect," she said.
News URL
Related news
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- US health system notifies 882,000 patients of August 2023 breach (source)
- HPE notifies employees of data breach after Russian Office 365 hack (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Fintech giant Finastra notifies victims of October data breach (source)
- Background check, drug testing provider DISA suffers data breach (source)
- Data breach at Japanese telecom giant NTT hits 18,000 companies (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)