Netease Technologies News July 10, according to foreign media reports, Marriott Group, an internationally renowned hotel chain, will be fined up to $124 million by British regulators for data leakage last year.
It is reported that last year, Marriott Group customer data leakage incident. The Office of the Information Commissioner (ICO) intends to impose a total fine of 99.2 million ($124 million) on Marriott Group.
In November 2018, Marriott revealed that hackers had invaded Starwoods customer reservation database since 2014. The company initially said that hackers had stolen information from about 500 million hotel guests. After a more comprehensive survey, Marriott later revised the total number of customers who leaked information to 383 million.
According to the post-analysis of the hackersbehavior, the hackers stole 383 million customer records, 18.5 million encrypted passport numbers, 5.25 million unencrypted passport numbers, 9.1 million encrypted payment card numbers and 385,000 valid card numbers at that time.
Hours after Marriott announced its security breach, class action began to pile up.
Today, the Office of the Information Commissioner of the United Kingdom says it intends to impose a huge fine on Marriott Group because Marriott violated the EU General Data Protection Regulation (GDP R).
Elizabeth Denham, the information commissioner, said, The GDP R clearly stipulates that institutions must be responsible for the personal data they hold. This includes the need for appropriate due diligence when cooperating or trading, as well as taking appropriate measures to assess the personal data obtained, and to assess how to protect these data.
Personal data has real value, so institutions have a legal responsibility to ensure their safety, just like any other asset, Denham said. If the agency fails to do so, we will not hesitate to take strong action when necessary to protect the rights of the public.
Marriott today said in a document submitted to the Securities and Exchange Commission that it plans to appeal the fine imposed by the Office of the Information Commissioner.
Arne Sorenson, president and CEO of Marriott International, said: We are disappointed with the notice of intent issued by the Office of the Information Commissioner of the United Kingdom, and we will defend it.
We deeply regret the occurrence of this incident. We attach great importance to the privacy and security of guest information, and will continue to strive to meet customershigh expectations of Marriott Hotel.
Solenson said Marriott had phased out the invaded Starwood reservation system earlier this year.
This is the second time that the Office of the Information Commissioner has announced plans to impose fines on large organizations that violate the General Data Protection Ordinance. The Office of the Information Commissioner announced yesterday that it plans to impose a fine of 183 million pounds ($230 million) on British Airways. Prior to that, British Airways failed to protect its website, leading to the leakage of customer payment details between April and June 2018. (Chen Chen)
Source: Responsible Editor of Netease Science and Technology Report: Wang Fengzhi_NT2541