ICO Reduces Marriott Data Breach Fine from £99.2 Million to £18.4 Million

    On October 30, 2020, the United Kingdom Information Commissioner’s Office (ICO) reduced a £99.2 million fine to £18.4 million (~$24.6 million) against Marriott International, Inc. for alleged General Data Protection Regulation (GDPR) violations regarding a four-year data breach that impacted Marriot-owned Starwood Hotels’ guest reservation database system from 2014 through 2018.

    The breach affected nearly 339 million individuals, and resulted in the release of information including “names, email addresses, phone numbers, passport numbers, arrival and departure information, VIP status and loyalty program numbers.”

    Read more at Verdict

    Need a Data Privacy, Protection, and Security expert?

    If you are in need of an expert with experience in data privacy and data security disputes, we invite you to consider DisputeSoft.