Marriott International faces class action lawsuit for massive data breach | Business


The Marriott International hotel group is facing a class action lawsuit in the High Court in London from millions of customers, who seek compensation after their personal data was stolen in one of the world’s largest data breaches.Martin Bryant, a technology consultant, is leading the lawsuit on behalf of people living in England or Wales who have booked a stay at one of Marriott International’s Starwood properties before September 10, 2018.

Those who have booked rooms at any of the affected hotels around the world, including Marriott’s W, Sheraton Hotels & Resorts, Westin Hotels & Resorts, and Le Méridien Hotel & Resorts, will automatically be included in the trial, unless that they do not decide to withdraw.

Marriott International revealed in September 2018 that personal data, including credit card details, passport numbers and birthdates of more than 300 million people, had been stolen in a hack of its database. global customer reservation data.

When the group investigated the breach, they discovered that unauthorized access to their systems had been going on since 2014 and unidentified hackers had stolen details from 339 million guests.

Bryant said he brought the case because consumers “don’t always realize the risks we face when our data is compromised through no fault of our own.”

“I hope this case will raise awareness of the value of our personal data, result in fair compensation… and also inform other data owners that they must maintain our data responsibly,” he said.

Bryant is represented by the Hausfeld law firm and the claim is funded by Harbor Litigation Funding.

Michael Bywell, partner at Hausfeld, said Marriott International had failed for several years “to take adequate technical or organizational measures to protect the millions of personal data of their customers entrusted to them.”

Marriott International declined to comment on the High Court trial.

The UK’s data watchdog, the Information Commissioner’s Office (ICO), in July 2019 revealed its intention to fine Marriott International nearly £ 100million in the wake of the the data breach.

The ICO proposed a fine of £ 99.2million to Marriott, after finding that around 7million customers whose files had been hacked were residents of the UK.

Marriott appealed the fine through submissions to the regulator. The company and the ICO have agreed to extend the regulatory process until September 30, after which the regulator will make its final decision.

The ICO’s proposed fine for Marriott International was one of two hefty penalties it proposed using breach-related powers under the EU’s General Data Protection Regulation (GDPR), which entered into force in 2018 and authorizes fines of up to 4% of revenue, depending on the severity of security failures.

British Airways has been fined £ 183million by the ICO for hacking the personal data of half a million of its customers, the watchdog’s first GDPR fine, which the airline is appealing against .

Before the introduction of GDPR, internet service provider TalkTalk was fined £ 400,000 in 2016 for security breaches that led to a cyber attack.

The firm was run at the time of the hack by Dido Harding, recently appointed head of the new National Institute for Health Protection.

Sign up for the daily Business Today email or follow Guardian Business on Twitter at @BusinessDesk

The lawsuit against Marriott International would serve as a reminder to companies of the penalties they might face for not prioritizing cybersecurity, said Stuart Reed, UK director of IT service provider Orange Cyberdefense.

“It is essential that all organizations exercise the utmost care and due diligence when applying the relevant processes and procedures for good data hygiene,” he said.

“Cybersecurity is everyone’s responsibility in the organization. Ongoing training and awareness raising for employees, from the board level, is essential to ensure a layered approach to people, processes and technology, and to avoid costly breaches of customer data. “


Please enter your comment!
Please enter your name here