Latest


UK watchdog fines Marriott 18.4mn pounds over data breach

  •   Mon, Nov 02 2020 06:24:43 PM

London, Nov 2 (IANS): The UK's Information Commissioner's Office (ICO) has fined Marriott International 18.4 million pounds (nearly $23.8 million) over a 2014 customer data breach.

The penalty announced last Friday is significantly lower than the 99 million pounds fine originally proposed in July 2019.

The ICO said before setting a final penalty, it considered representations from Marriott, the steps Marriott took to mitigate the effects of the incident and the economic impact of Covid-19 on their business.

Marriott estimates that 339 million guest records worldwide were affected following a cyberattack in 2014 on Starwood Hotels and Resorts Worldwide Inc.

The attack, from an unknown source, remained undetected until September 2018, by which time the company had been acquired by Marriott.

The personal data involved differed between individuals but may have included names, email addresses, phone numbers, unencrypted passport numbers, arrival/departure information, guests' VIP status and loyalty programme membership number.

The precise number of people affected is unclear as there may have been multiple records for an individual guest, ICO said, adding that seven million guest records related to people in the UK.

The ICO's investigation found that there were failures by Marriott to put appropriate technical or organisational measures in place to protect the personal data being processed on its systems, as required by the General Data Protection Regulation (GDPR).

"Personal data is precious and businesses have to look after it. Millions of people's data was affected by Marriott's failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not," Information Commissioner, Elizabeth Denham, said in a statement.

"When a business fails to look after customers' data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect."

The ICO's investigation traced the cyberattack back to 2014, but the penalty only relates to the breach from 25 May 2018, when new rules under the GDPR came into effect.

 

 
  

Top Stories

'Galaxy Pride' offers budget-friendly flats in Bolar, ready to occupy by May first week

  •   13 hours ago   

Leave a Comment

Title: UK watchdog fines Marriott 18.4mn pounds over data breach



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like