UK Watchdog Fines Marriott £18.4m For Data Breach

The UK data protection watchdog, the Information Commissioner’s Office (ICO) has lowered its initial penalty against hotel chain Marriott International for a damaging data breach.

The “colossal” hack on Marriott International was first revealed to the world back in December 2018, and it affected the personal details and payment card data on up to 340 million people – dating right back to 2014.

The data breach actually happened when the systems of the Starwood hotels group were compromised in 2014.

Data breach

Marriott subsequently acquired Starwood in 2016, but the exposure of customer information was not discovered until 2018.

And to make matters worse, in April this year, Marriott confirmed it had suffered a second data breach, that had compromised the personal data of roughly 5.2 million guests around the world.

In July 2019 Marriot was handed a £99 million fine by the ICO for that first breach.

But now the ICO has confirmed it will fine Marriott £18.4million for “failing to keep customers’ personal data secure.”

The ICO said it had “considered representations from Marriott, the steps Marriott took to mitigate the effects of the incident and the economic impact of Covid-19 on their business before setting a final penalty.”

The ICO’s investigation “found that there were failures by Marriott to put appropriate technical or organisational measures in place to protect the personal data being processed on its systems, as required by the General Data Protection Regulation (GDPR).”

Precious data

“Personal data is precious and businesses have to look after it,” explained Information Commissioner, Elizabeth Denham. “Millions of people’s data was affected by Marriott’s failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not.”

“When a business fails to look after customers’ data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect,” said Denham.

This is not the end of the woes for Marriott.

In August this year it was reported that Marriott is facing a class action lawsuit in the High Court in London, brought by millions of former guests demanding compensation.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple In Talks With Google To Bring Gemini AI To iPhones

Apple reportedly in talks with Google to use Gemini for generative AI tasks on iPhones…

17 mins ago

US Senators Voice Support For TikTok Bill

Some US senators say they support bill that could result in TikTok ban, while US…

48 mins ago

Government Wants Flying Taxis In Operation By 2028

Flying taxis could become reality in UK in next four years under new government action…

1 hour ago

SpaceX ‘Developing Spy Satellites’ For US Agency

SpaceX reportedly developing network of hundreds of low-orbit spy satellites for US intelligence agency under…

2 hours ago

Uber To Pay £149m In Settlement With Australian Taxi Drivers

Uber to pay £149m in settlement with Australian taxi drivers who alleged it used illegal…

2 hours ago

TikTok US Sales ‘Hit $16bn’, ByteDance Nears Meta In World Revenues

TikTok reportedly brought in $16bn in US last year, while parent ByteDance made $120bn worldwide,…

23 hours ago