Marriott agrees to pay $52 million, beef up data security to resolve probes over data breaches

Date:

Share post:


Marriott International has agreed to pay $52 million and make changes to bolster its data security to resolve state and federal claims related to major data breaches that affected more than 300 million of its customers worldwide.

The Federal Trade Commission and a group of attorneys general from 49 states and the District of Columbia announced the terms of separate settlements with Marriott on Wednesday. The FTC and the states ran parallel investigations into three data breaches, which took place between 2014 and 2020.

As a result of the data breaches, “malicious actors” obtained the passport information, payment card numbers, loyalty numbers, dates of birth, email addresses and/or personal information from hundreds of millions of consumers, according to the FTC’s proposed complaint.

The FTC claimed that Marriott and subsidiary Starwood Hotels & Resorts Worldwide’s poor data security practices led to the breaches.

Specifically, the agency alleged that the hotel operator failed to secure its computer system with appropriate password controls, network monitoring or other practices to safeguard data.

As part of its proposed settlement with the FTC, Marriott agreed to “implement a robust information security program” and provide all of its U.S. customers with a way to request that any personal information associated with their email address or loyalty rewards account number be deleted.

Marriott also settled similar claims brought by the group of attorneys general. In addition to agreeing to strengthen its data security practices, the hotel operator also will pay $52 million penalty to be split by the states.

In a statement on its website Wednesday, Bethesda, Maryland-based Marriott noted that it made no admission of liability as part of its agreements with the FTC and states. It also said it has already put in place data privacy and information security enhancements.

In early 2020, Marriott noticed that an unexpected amount of guest information was accessed using login credentials of two employees at a franchised property. At the time, the company estimated that the personal data of about 5.2. million guests worldwide might have been affected.

In November 2018, Marriott announced a massive data breach in which hackers accessed information on as many as 383 million guests. In that case, Marriott said unencrypted passport numbers for at least 5.25 million guests were accessed, as well as credit card information for 8.6 million guests. The affected hotel brands were operated by Starwood before it was acquired by Marriott in 2016.

The FBI led the investigation of that data theft, and investigators suspected the hackers were working on behalf of the Chinese Ministry of State Security, the rough equivalent of the CIA.



Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

What you need to know about the proposed measures designed to curb Google's search monopoly

U.S. regulators are proposing aggressive measures to restore competition to the online search market after a federal...

Average rate on a 30-year mortgage in the US rises to highest level since July

The average rate on a 30-year mortgage in the U.S. edged closer to 7% this week as...

The biggest remaining unsanctioned Russian bank hit with U.S. sanctions, nearly three years into war

WASHINGTON -- Russia's third largest bank, Gazprombank and its six foreign subsidiaries were hit with U.S. sanctions...

Kenya cancels airport and energy deals with Adani group after the U.S. indicts the tycoon

NAIROBI, Kenya -- Kenya’s president said Thursday he has cancelled multimillion-dollar airport expansion and energy deals with...

North Korea and Russia agree to expand their economic cooperation

SEOUL, South Korea -- North Korea and Russia reached a new agreement for expanding economic cooperation following...

Stock market today: Asian shares mostly slip despite Nvidia's solid earnings report

TOKYO -- Asian shares were mostly lower on Thursday after a mixed close on Wall Street, with...

Feds outline 'necessary steps' for Colorado River agreement by 2026 but no recommendation yet

LAS VEGAS -- Federal water officials made public on Wednesday what they called “necessary steps” for seven...

A social media ban for children younger than 16 is introduced in Australia's Parliament

MELBOURNE, Australia -- Australia’s communications minister introduced a world-first law into Parliament on Thursday that would ban...