United Kingdom
United States
Asia Pacific
Marriott sued in London High Court over data breach
Marriott International is facing a lawsuit in London’s High Court for its alleged failure to protect the personal data of millions of guests in one of the largest data breaches in corporate history.
Technology journalist Martin Bryant has filed a collective action lawsuit on behalf of seven million guests in England and Wales whose personal data was stolen after they’d bookings through Starwood Hotels group, which is now part of Marriott International.
The security breach occurred between July 2014 and September 2018 and led to guests’ home and email addresses, credit card details and passport information being stolen, as well as their phone numbers.
It affected guests who’d booked rooms at several Starwood brand hotels, including W Hotels (above), Sheraton, Le Meridien. Marriott also faces several lawsuits by customers in North America as a result of the data breach, which is believed to have affected more than 380m guests worldwide.
Mr Bryant is claiming damages for loss of control of personal data using the Data Protection Act 1998 and the EU’s General Data Protection Regulation (GDPR).
Data privacy expert Darren Wray of Guardum said: "In my opinion, this will be the first of many such court cases that will follow on the back of high profile data breaches that have taken place since the introduction of the GDPR in May 2018.
"Companies need to be proactive right now to ensure that they don’t find themselves in the High Court attempt to defend a breach. Ensuring that they have the right processes and procedures in place so breaches are spotted and dealt with quickly and efficiently goes a long way with judges and regulators alike, as does ensuring that personal data is deleted or redacted at the end of its life."
Marriott revealed earlier this year that it had again fallen victim to hackers, this time affecting around 5.2 million guests.
Cruise giant Carnival admitted this week that it had also been hacked, for the second time in five months. In the latest attack, it is believed that guest and staff data was stolen.
The UK’s data protection regulator, the Information Commissioner’s Office, announced in July last year it was planning to fine Marriott £99m over the data breach following an investigation. A final decision on the fine is expected next month.
By Linsey McNeill, Editor (UK)
Linsey McNeill
Editor Linsey McNeill has been writing about travel for more than three decades. Bylines include The Times, Telegraph, Observer, Guardian and Which? plus the South China Morning Post. She also shares insider tips on thetraveljournalist.co.uk
Tony from Gatto’s Pizza on Columbus’s Unique Pizza Trail
Sophia Hyder Hock on Global Social Inclusion in Tourism
Sustainable Tourism: Don Welsh on Community Values and Global Collaboration
Jane Cunningham: Enhancing European Engagement in Tourism
Kristin Dunne: Navigating Destination Strategy
Revolutionizing Mobile Connectivity: Boris Bijlstra on HUBBY eSIM
Capturing Glasgow’s Vibrancy: An Interview with Susan Deighan, Chief Executive of Glasgow Life
Lebua Hotel & Resorts: Rajan Khurana on Hospitality and Bangkok’s Charms
Sustainable Tourism and Growth: Insights from Chiravadee Khunsub from Tourism Authority of Thailand
Revolutionizing Travel: SmartSIM USA’s Dale Takio Unveils the Power of E Sims
TravelMole Interview with Hishan Singhawansa, Deputy CEO of Cinnamon Hotels & Resorts, Sri Lanka
Unveiling the Essence of Magari Tours: A Dive into Authentic Italian Experiences
Abercrombie & Kent hails $500 million funding boost
British Airways passengers endure 11-hour 'flight to nowhere'
CLIA: Anti-cruise demos could cause itinerary changes in Europe
Gatwick braces for strike
Co-pilot faints, easyJet flight issues ‘red alert’