Marriott Faces $123 Million Fine for Data Breach

After a data breach that exposed 339 million guest records around the world, violating the General Data Protection Regulation (GDPR), Marriott now faces an $124 million fine from United Kingdom regulators. As the breach affected 30 million Europeans, it fell under the jurisdiction of the GDPR, which sets standards for how companies collect, use, and store data. Marriott’s hack began in 2014 and was discovered in fall of 2018 and reportedly shortly after. Marriott said they plan to appeal any fine, according to a news article from CNN.

Divya Gupta, a lawyer at international firm Dorsey & Whitney, says that Marriott’s fine should be a wakeup call to companies with operations both in the United Kingdom and the United States. Gupta says,

“Marriott faces huge fines for a GDPR breach this week, a signal to other companies that the regulatory bodies are strictly enforcing the law to protect consumer personal data.”

Marriott Data Breach

Protecting Customer Data in the United States

Similar to the GDPR in Europe, many states have data privacy laws, with California leading the number of regulations with the California Consumer Privacy Act. To compare it to the GDPR, if only ten percent of the Europeans impacted by the Marriott breach were residents of California, the penalty would be a minimum of $300 billion instead of $124 million under the GDPR, according to Gupta. “For companies looking for the lesson here — this GDPR penalty is a paltry sum, compared to what is looming,” Gupta says.

Marriott and Amazon Alexa

In fall of 2018, Marriott integrated the voice assistant Amazon Alexa into its first hotel, the City Centre hotel in Charlotte, North Carolina. After, the Irvine Spectrum in Los Angeles would get Amazon Echo devices in all of their rooms. Last spring, Marriott tested the Alexa for Hospitality tool as well, allowing guests to order room service, change the TV and lighting, set alarms, and get weather and news updates from Alexa. Given Alexa’s past security issues secretly recording a family in Portland, for one, it will be interesting to see how guests react to Marriott’s most recent data breach.

Aliza Vigderman

Aliza Vigderman

Aliza is a journalist living in Brooklyn, New York. Throughout her career, her work has spanned many intersections within the tech industry. At SquareFoot, a New York-based real estate technology company, she wrote about the ways in which technology has changed the real estate industry, as well as the challenges that business owners face when they want to invest in property. At, an education technology website, Aliza created digital content for lifelong learners, exploring the ways in which technology has democratized education. Additionally, she has written articles for The Huffington Post as well as her own content on Medium, the online publishing platform. Aliza’s love of journalism and research stems from the excellent Journalism program at Brandeis University. At Brandeis, Aliza interned as a research assistant at the Schuster Institute for Investigative Journalism, a non-profit “news room without walls”. There, Aliza was paired with an investigative journalist and used academic databases to obtain data on everything from the suicide rates in Bhutan to local Boston court cases. Her last position was as an account executive at Yelp, educating business owners on the power of technology to increase revenue. Throughout, however, her heart remained with tech journalism, and she’s thrilled to be writing for Security Baron. When she’s not keeping afloat of the latest tech trends, Aliza likes to cook, read, and write. A former high school “Class Clown,” Aliza has completed two feature-length screenplays, a pilot, and countless comedic sketches. On her days off you can find her relaxing in Prospect Park, trying the latest flavors at Ample Hills Ice Cream, and spending time with friends and family.

Trending News

Follow Us