Marriott Agrees to $52 Million Settlement and Enhanced Data Security Following Major Breaches

download 2024 10 10T122907.869
FILE – A person walks past the San Francisco Marriott Union Square hotel on July 11, 2019, in San Francisco. (AP Photo/Jeff Chiu, File)

Marriott International has reached a $52 million settlement and committed to strengthening its data security measures to resolve investigations related to significant data breaches impacting over 300 million customers globally.

On Wednesday, the Federal Trade Commission (FTC) and attorneys general from 49 states and the District of Columbia announced the terms of separate settlements with Marriott. These investigations focused on three data breaches that occurred between 2014 and 2020.

The breaches allowed “malicious actors” to access sensitive customer information, including passport details, payment card numbers, loyalty account numbers, birth dates, email addresses, and other personal data, according to the FTC’s proposed complaint.

The FTC accused Marriott and its subsidiary, Starwood Hotels & Resorts Worldwide, of failing to implement adequate data security measures. The agency highlighted shortcomings in password controls, network monitoring, and other security practices that contributed to the breaches.

As part of the settlement with the FTC, Marriott will implement a comprehensive information security program and offer U.S. customers the option to request the deletion of personal information linked to their email addresses or loyalty account numbers.

In addition to the FTC settlement, Marriott agreed to similar terms with the attorneys general, including the $52 million penalty, which will be distributed among the states.

In a statement released on Wednesday, Bethesda, Maryland-based Marriott clarified that it did not admit liability as part of the settlements and emphasized that it has already initiated enhancements to its data privacy and security protocols.

In early 2020, Marriott discovered unauthorized access to guest information through the login credentials of two employees at a franchised property, affecting approximately 5.2 million guests worldwide.

In November 2018, Marriott disclosed a massive breach where hackers accessed information on as many as 383 million guests, including unencrypted passport numbers for at least 5.25 million guests and credit card details for 8.6 million. This breach involved hotel brands previously operated by Starwood, which Marriott acquired in 2016. The FBI led the investigation, suspecting that the hackers acted on behalf of the Chinese Ministry of State Security, akin to the CIA.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
101024CRYPFBI 1200x675 1

FBI Launches ‘NexFundAI’ Crypto Token to Combat Market Manipulation

Next Post
108045487 1728497238498 108045487 1728493354818 gettyimages 1794149442 ssp 7171

“AI Startup Writer Unveils Cost-Effective Model to Rival Industry Giants, Eyes $200 Million Fundraise”

Related Posts