Marriott & Starwood Face $52M Settlement After Security Breaches

  /     /     /  
Publicated : 23/11/2024   Category : security


Marriott & Starwood Face $52M Settlement After Security Breaches


The hotel giant will be held to higher security standards in a series of proposed requirements, including implementing a new annually reviewed security program.



Marriott and its subsidiary Starwood Hotels have agreed to pay $52 million in fines and create a revamped information security program, in an Federal Trade Commission (FTC)-led settlement with 344 million customers who were impacted by three data breaches occurring between 2014 and 2020.
The hotel giant also agreed to provide its US customers with a way to request deletion of their personal information associated with their loyalty rewards account number or email address. In addition, they must implement a policy to retain the personal information of its customer only for as long as necessary to fulfill its purpose. Marriott also will be required to review loyalty rewards accounts upon request, and also reimburse stolen loyalty points.
 The FTCs action today, in coordination with our state partners, will ensure that Marriott improves its data security practices in hotels around the globe,
said Samuel Levine
, director of the FTCs Bureau of Consumer Protection.
The first breach began in June 2014 and involved the payment card information of more than 40,000 Starwood customers; it went undetected for 14 months, until November 2015.
Starwood faced its second breach in July 2014. That intrusion went undetected for years — until 2018, when 339 million Starwood guest accounts were revealed to have been accessed by malicious actors, exposing various data, including 5 million unencrypted passport numbers. 
And finally,
Marriott was breached again
in 2018, a breach that went undetected until February 2020. In that incident, 5.2 million guest records were accessed, nearly 2 million of them belonging to Americans. 
Going forward, Marriott and Starwood will have to certify compliance with the FTC annually for 20 years, and undergo independent third-party assessments every two years.

Last News

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security

▸ Veritabile Defecte de Proiectare a Securitatii in Software -> Top 10 Software Security Design Flaws ◂
Discovered: 23/12/2024
Category: security

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Marriott & Starwood Face $52M Settlement After Security Breaches