Marriott Fined $123 Million For 2018 Security Breach

The UK Information Commissioner’s Office (ICO) issued the European General Data Protection Regulation (GDPR) fine against Marriott as the result of a major security breach in 2018 that resulted in more than 339 million guest records being exposed. The $123 million GDPR fine is approximately 3 percent of the company’s $3.6 billion in global annual revenue. The maximum fine under the GDPR rules can now be as much as 4 percent of global annual turnover.

The most troubling aspect of the Marriott security breach was just how long it took the company to figure out the size and extent of the breach, and then to report it to the relevant authorities. The security breach actually dates back to 2014. When Marriott uncovered the data breach in September 2018, it waited until November 2018 to report it to the authorities. This is in direct contravention of the GDPR, which specifically notes that any security breaches must be reported in a timely manner to any EU data subjects that have been the victim of a breach.

Similar laws are now in effect in Canada under PIPEDA, the Personal Information Protection and Electronic Documents Act. If you suffer a breach, you must inform the Privacy Commissioner of the breach – click on the above link for details.

The full story of the Marriott breach fine is here.
