Cookies on HFTP Bytes

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us give you the best possible user experience.
By using the site, you consent to the placement of these cookies. However, you can change your cookie settings at any time. Read our Privacy Notice to learn more.

I understand
3 December 2018

Marriott’s Starwood Data Breach Joins a Decade-Long List of Hotel Data Exposures

  • Marriott’s Starwood Data Breach Joins a Decade-Long List of Hotel Data ExposuresMarriott’s Starwood Data Breach Joins a Decade-Long List of Hotel Data Exposures

Several years ago, the hotel industry fought U.S. federal watchdog efforts to fine chains for negligent data protection practices, arguing that hotels had things under control. Hmm. A rash of hotel security incidents since then undercuts the claims of hotels, which need to take a more bank-like approach to data protection.

When Marriott International revealed a massive security breach at Starwood-branded properties, it joined an unfortunate long line of guest data breaches by hoteliers.

The scope of the breach at the worlds largest hotel group is more spectacular than any other in travel to date. Marriott said the breach affected hundreds of millions of customers who stayed at Starwood-branded properties between 2014 and September 10.

POTENTIAL RECORD FINES

The breach may also expose parent company, Marriott, to record fines because, unlike most past breaches, some of the activity appeared to happen after Europe put into place General Data Protection Regulation (GDPR) in May 2018 that boosts fines for violations of some types of data security.

Exact fine estimates are impossible to gauge, but experts said the prospective range would be potentially higher than the spectrum used by European Union and U.S. officials in the past. European officials have the discretion to fine companies up to 4 percent of annual revenue in the year preceding a data protection incident.

Other investigations are in the offing. On Friday, the New York attorney generals office said it would open an investigation into the breach.

That office has had success in pursuing prosecutions before. In 2017, Hilton Worldwide agreed to pay a $700,000 fine to the state of New York after data security failures exposed more than 350,000 credit card numbers in two breaches in 2015.

Read the full article at skift Inc.


Safety & SecurityLodging IndustryGlobal

Request Information

Thank you for your request, we will get back to you as soon as possible.
Close
Please enter your contact details below and we will get back to you with the requested information as soon as possible.
An error occured, please check your input and try again.


CancelSubmit

Newletter

Thank you for subscribing. Your email address has been added to our mailing list.
Close
To subscribe to the HITEC Bytes Newsletter please enter your email address below.
An error occured, please check your input and try again.
CancelSubscribe