Security News > 2020 > October > Britain Fines US Hotel Chain Marriott Over Data Breach

Britain's data privacy watchdog on Friday said it has fined US hotels group Marriott over a data breach affecting millions of customers worldwide.
The UK Information Commissioner's Office said in a statement it fined Marriott £18.4 million for breaches of data that included personal information such as passport numbers since March 2018.
Since the breach occurred before Britain left the European Union, the ICO investigated on behalf of all EU authorities as lead supervisory authority under the GDPR. The ICO said Marriott's breach in fact dated back to 2014, uncovering client data including passport numbers.
"The personal data involved differed between individuals but may have included names, email addresses, phone numbers, unencrypted passport numbers, arrival/departure information, guests' VIP status and loyalty programme membership number," it said.
"Millions of people's data were affected by Marriott's failure... When a business fails to look after customers' data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect," she said.
News URL
Related news
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
- Entertainment services giant Legends International discloses data breach (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Yale New Haven Health data breach affects 5.5 million patients (source)
- Frederick Health data breach impacts nearly 1 million patients (source)