Marriott International hotel chain fined £99million for exposing millions of customers’ details
THE Marriott International Hotel chain will be fined £99million after a cyber security breach that left millions of customers' details exposed.
The cyber incident, which was reported to the Information Commissioner's Office in November 2018, affected 7 million UK residents and 44 million people in the European Economic Area.
The hotel giant revealed there had been "unauthorised access" to a network containing up to 500m of its guests' information - including passport details and credit card numbers.
The information included some combination of name, mailing address, phone number, email address, passport number, date of birth and other personal details.
Under GDPR, companies must be careful to protect consumer data or risk facing hefty fines.
Marriott's troubles are thought to have begun when the chain acquired Starwood Hotels in 2016.
Starwood had been compromised in 2014, but the breach wasn't discovered until after Marriott International bought the group.
The regulator's investigation decided that Marriott had not done its due diligence when it purchased Starwood Hotels and that it should have done more to secure the systems.
Marriott has co-operated with the ICO investigation and has made improvements to its security arrangements since these events came to light.
How to keep yourself safe from hackers and scammers
HERE's how to stay safe online.
- Make a 'strong' password with 8 or more characters and a combination of upper case characters, numbers and symbols
- Don't do online banking on public WiFi, unless absolutely necessary
- Don't click on dodgy email links claiming to be from banks
- Use different passwords for different sites
- Never re-use your main email password
- Use anti-virus software
- Don't accept Facebook friend requests or LinkedIn invitations from people you don't know
- Think before you put personal info on social media
- Find My iPhone, Android Lost and BlackBerry Protect all allow you to remotely wipe a stolen phone. Set this feature up
- Only shop online on secure sites
- Don't store your card details on websites
- Password protect your phone and other devices
The company is now able to appeal the fine, and make representations to the ICO on the proposed findings and sanction.
If the ICO does decide to impose the £99million fine, it will be the largest fine to date under the new GDPR rules.
The regulator said it "will consider carefully the representations made by the company and the other concerned data protection authorities before it takes its final decision".
Any fines are paid into the Treasury’s Consolidated Fund and are not kept by ICO.
This is the government's main bank account, into which things like taxes are paid.
Unfortunately, the ICO's ruling does not mean any redress for consumers whose details have been exposed.
But it is possible to try and get compensation for breaches.
You may have to show that the theft of your data has caused you "distress or inconvenience."
The claims procedure can begin once Marriott has been held responsible for the breach by the ICO and the appeal process has ended.
The airline has 28 days to appeal today's decision.
Information Commissioner Elizabeth Denham said: "GDPR makes it clear that organisations must be accountable for the personal data they hold.
"This can include carrying out proper due diligence when making a corporate acquisition.
“Personal data has a real value so organisations have a legal duty to ensure its security, just like they would do with any other asset.
"If that doesn’t happen, we will not hesitate to take strong action when necessary to protect the rights of the public.”