United Kingdom
United States
Asia Pacific
Marriott sued in London High Court over data breach
Marriott International is facing a lawsuit in London’s High Court for its alleged failure to protect the personal data of millions of guests in one of the largest data breaches in corporate history.
Technology journalist Martin Bryant has filed a collective action lawsuit on behalf of seven million guests in England and Wales whose personal data was stolen after they’d bookings through Starwood Hotels group, which is now part of Marriott International.
The security breach occurred between July 2014 and September 2018 and led to guests’ home and email addresses, credit card details and passport information being stolen, as well as their phone numbers.
It affected guests who’d booked rooms at several Starwood brand hotels, including W Hotels (above), Sheraton, Le Meridien. Marriott also faces several lawsuits by customers in North America as a result of the data breach, which is believed to have affected more than 380m guests worldwide.
Mr Bryant is claiming damages for loss of control of personal data using the Data Protection Act 1998 and the EU’s General Data Protection Regulation (GDPR).
Data privacy expert Darren Wray of Guardum said: "In my opinion, this will be the first of many such court cases that will follow on the back of high profile data breaches that have taken place since the introduction of the GDPR in May 2018.
"Companies need to be proactive right now to ensure that they don’t find themselves in the High Court attempt to defend a breach. Ensuring that they have the right processes and procedures in place so breaches are spotted and dealt with quickly and efficiently goes a long way with judges and regulators alike, as does ensuring that personal data is deleted or redacted at the end of its life."
Marriott revealed earlier this year that it had again fallen victim to hackers, this time affecting around 5.2 million guests.
Cruise giant Carnival admitted this week that it had also been hacked, for the second time in five months. In the latest attack, it is believed that guest and staff data was stolen.
The UK’s data protection regulator, the Information Commissioner’s Office, announced in July last year it was planning to fine Marriott £99m over the data breach following an investigation. A final decision on the fine is expected next month.
By Linsey McNeill, Editor (UK)
Related News Stories:
Linsey McNeill
Editor Linsey McNeill has been writing about travel for more than three decades. Bylines include The Times, Telegraph, Observer, Guardian and Which? plus the South China Morning Post. She also shares insider tips on thetraveljournalist.co.uk
Kittipong Prapattong’s Plan for Thailand’s Tourism Growth: Taxes, Visas, and Campaigns
James Jin: Didatravel’s Journey from China to Global Reach and the Impact of AI on Travel
Darien Schaefer on Pensacola’s Evolution: From Small Town to Global Destination
Florida Tourism’s Next Frontier: Dana Young on Expanding Beyond the Classics
Patrick Harrison on Tampa Bay Tourism’s Resilience and Marketing Strategy
Bubba O’Keefe on Clarksdale’s Vibrant Music Scene
Commemorating Elvis and Embracing Tupelo’s Culture with Jennie Bradford Curlee
Craig Ray and the Expansion of the Blues Trail
Presenting Mississippi’s Cultural Trails with Katie Coats
Robert Terrell: A Journey Through BB King’s Influence
Rochelle Hicks: Celebrating Mississippi’s Musical Legacy
Exploring Jacksonville with Katie Mitura: The Flip Side of Florida
Dozens fall ill in P&O Cruises ship outbreak
Turkish Airlines flight in emergency landing after pilot dies
Boy falls to death on cruise ship
Protestors now targeting Amsterdam cruise calls
Unexpected wave rocks cruise ship