Marriott’s Starwood Data Breach Joins a Decade-Long List of Hotel Data Exposures
Skift Take
Several years ago, the hotel industry fought U.S. federal watchdog efforts to fine chains for negligent data protection practices, arguing that hotels had things under control. Hmm. A rash of hotel security incidents since then undercuts the claims of hotels, which need to take a more bank-like approach to data protection.
When Marriott International revealed a massive security breach at Starwood-branded properties, it joined an unfortunately long line of guest data breaches at hotel companies.
The scope of the breach at the world's largest hotel group is more spectacular than any other in travel publicized in history. Marriott said the breach affected hundreds of millions of customers who stayed at Starwood-branded properties between 2014 and September 10.
Potential Record Fines
The breach may also expose parent company Marriott to record fines because, unlike most past breaches, some of the activity appeared to happen after Europe put into place General Data Protection Regulation (GDPR) in May 2018, which boosted fines for violations of data security rules.
Exact fine estimates are impossible to gauge, but experts said the prospective range would be potentially higher than the spectrum used by European Union and U.S. officials in the past. European officials have the discretion to fine companie
