Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Marriott | Marriott Bonvoy
Reload this Page >

Marriott fined $124M USD by UK Privacy Office

Marriott fined $124M USD by UK Privacy Office

Old Jul 9, 19, 10:03 am
  #1  
Original Poster
 
Join Date: Aug 2018
Programs: AMEX Centurion, UA Gold, Stariott Plat., HH Gold, National EE, Hertz PC
Posts: 244
Marriott fined $124M USD by UK Privacy Office

Don't think I've seen this posted on FT yet, fresh off the press. They're being fined because of the data breach last year.

Marriott's data breach deserves $124M fine, UK privacy watchdog says
In November 2018, the Marriott hotel group revealed it had been the victim of a four-year campaign by hackers to steal customer data from its reservations system. Now it's going to have to pay the price for failing to keep that data safe.

The Information Commissioner's Office, the UK's privacy watchdog, announced Tuesday that it intends to fine Marriott £99.2 million ($124M) over the security breach. It's issuing the fine in accordance with the General Data Protection Regulation, the far-reaching EU-wide privacy law introduced in May 2018.

https://www.cnet.com/news/uk-privacy...r-data-breach/
secretalcoholic is offline  
Old Jul 9, 19, 10:06 am
  #2  
FlyerTalk Evangelist
 
Join Date: Sep 2003
Location: DL Silver, HH Diamond, IHG Plat, BW Diamond
Posts: 25,991
I wish all governments would do this. It seems that big companies don’t have any incentives to keep our data secure.
Jaimito Cartero is offline  
Old Jul 9, 19, 10:22 am
  #3  
 
Join Date: Oct 2010
Posts: 259
Originally Posted by Jaimito Cartero View Post
I wish all governments would do this. It seems that big companies don’t have any incentives to keep our data secure.
And who do you think will end up paying for this?
CosmicGirl is offline  
Old Jul 9, 19, 10:26 am
  #4  
 
Join Date: Apr 2003
Location: DEN/BDL/LGA/HPN
Programs: Marriott Ambassador; AA EXP 2MM; AS MVP, Hilton Gold, CH-47/UH-60/C-23/C-130 VET
Posts: 5,236
Originally Posted by Jaimito Cartero View Post
I wish all governments would do this. It seems that big companies don’t have any incentives to keep our data secure.
Of course here, its a government stealing the data from the big company.
C17PSGR is offline  
Old Jul 9, 19, 10:57 am
  #5  
Hilton Contributor Badge
 
Join Date: Feb 2008
Location: In the air
Programs: BA Gold, Marriott Amb, Hilton Diamond, AMEX Plat
Posts: 6,295
Originally Posted by CosmicGirl View Post
And who do you think will end up paying for this?
I think what will happen is Marriott might make more of an investment in their security to make hacks less likely in the future.

I assume your suggestion is that Marriott will simply pass on all the cost to their franchises who will pass all the costs onto their customers. Firstly, I’d say security is part of the Marriott product I’d be willing to pay for. Secondly, contrary to what always seems to be suggested in the American press, the experience of countries with stronger consumer protection have not seen the costs passed onto consumers. Think about it for a second: If Marriott hotels could all be $10 a night more and retain their attractiveness, they’d already have done it.
jerry305 likes this.
EuropeanPete is online now  
Old Jul 9, 19, 10:59 am
  #6  
Hilton Contributor Badge
 
Join Date: Feb 2008
Location: In the air
Programs: BA Gold, Marriott Amb, Hilton Diamond, AMEX Plat
Posts: 6,295
I said this would happen, though I’m rather surprised to see the UK do this before any other EU country given the show there at the moment. I wouldn’t be surprised if there is more to come.

Last edited by hhoope01; Jul 9, 19 at 11:09 am Reason: Removal of vulgar language per FT Rule 16.
EuropeanPete is online now  
Old Jul 9, 19, 11:16 am
  #7  
FlyerTalk Evangelist
 
Join Date: Nov 2011
Location: Brighton. UK
Programs: BA Gold / VS /IHG Platinum & Ambassador
Posts: 10,626
Originally Posted by EuropeanPete View Post
I said this would happen, though I’m rather surprised to see the UK do this before any other EU country given the show there at the moment. I wouldn’t be surprised if there is more to come.
The UK Information Commissioner is acting on behalf of all the other EU national information regulators as part of a 'one stop shop' provision. Same as with the BA case.

https://ico.org.uk/about-the-ico/new...r-data-breach/
The ICO has been investigating this case as lead supervisory authority on behalf of other EU Member State data protection authorities. It has also liaised with other regulators. Under the GDPR ‘one stop shop’ provisions the data protection authorities in the EU whose residents have been affected will also have the chance to comment on the ICO’s findings.The ICO will consider carefully the representations made by the company and the other concerned data protection authorities before it takes its final decision.
EuropeanPete likes this.
UKtravelbear is online now  
Old Jul 9, 19, 11:23 am
  #8  
 
Join Date: Apr 2003
Location: DEN/BDL/LGA/HPN
Programs: Marriott Ambassador; AA EXP 2MM; AS MVP, Hilton Gold, CH-47/UH-60/C-23/C-130 VET
Posts: 5,236
Originally Posted by EuropeanPete View Post


I think what will happen is Marriott might make more of an investment in their security to make hacks less likely in the future.

I assume your suggestion is that Marriott will simply pass on all the cost to their franchises who will pass all the costs onto their customers. Firstly, I’d say security is part of the Marriott product I’d be willing to pay for. Secondly, contrary to what always seems to be suggested in the American press, the experience of countries with stronger consumer protection have not seen the costs passed onto consumers. Think about it for a second: If Marriott hotels could all be $10 a night more and retain their attractiveness, they’d already have done it.
All good points but the real issue is that the UK FO needs to call in a certain Ambassador (and not a Bonvoy Ambassador) and demand that this conduct cease. Marriott won't do it because they want to keep expanding.

The reality is that no company can guarantee IT security when the data is being harvested by a sophisticated state actor.
C17PSGR is offline  
Old Jul 9, 19, 2:40 pm
  #9  
FlyerTalk Evangelist
 
Join Date: Oct 2001
Location: check foursquare
Programs: Delta DM & 2MM, SPG Lifetime Plat, Hyatt, AA, HH Gold, $tarbucks Titanium
Posts: 14,346
Nice to see Marriott being punished for their lack of investment in, and prioritization of IT! This merger with Starwood was not the success Arne thinks it was.
itsaboutthejourney is offline  
Old Jul 9, 19, 3:22 pm
  #10  
Hilton Contributor Badge
 
Join Date: Feb 2008
Location: In the air
Programs: BA Gold, Marriott Amb, Hilton Diamond, AMEX Plat
Posts: 6,295
Originally Posted by C17PSGR View Post
All good points but the real issue is that the UK FO needs to call in a certain Ambassador (and not a Bonvoy Ambassador) and demand that this conduct cease. Marriott won't do it because they want to keep expanding.

The reality is that no company can guarantee IT security when the data is being harvested by a sophisticated state actor.
I think the UK diplomatic service is a bit busy at the moment
EuropeanPete is online now  

Thread Tools
Search this Thread