Marriott agreed to pay a $52 million settlement to 49 states and Washington, DC, over a series of data breaches that occurred between 2014 and 2020, affecting more than 334 million customers. As part of a separate agreement, the Federal Trade Commission is also requiring Marriott and its subsidiary, Starwood Hotels & Resorts Worldwide, to implement an information security program to settle charges over the data breaches.
Technology
- Home
- Technology
- News
Marriott agrees to pay $52 million settlement after multiple data breaches
The FTC is also requiring Marriott and its Starwood subsidiary to implement an information security program to settle charges over three data breaches that occurred between 2020 and 2024, affecting 334 million customers.
Published 8 ماہ قبل on اکتوبر 16 2024، 10:00 صبح
By Web Desk
“Marriott’s poor security practices led to multiple breaches affecting hundreds of millions of customers,” Samuel Levine, the director of the FTC’s Bureau of Consumer Protection, said in a statement. “The FTC’s action today, in coordination with our state partners, will ensure that Marriott improves its data security practices in hotels around the globe.”
The FTC says Marriott and Starwood, which it acquired in 2016, deceived customers by claiming to have reasonable and appropriate data security, but instead left them vulnerable to breaches. The FTC’s complaint alleges that Marriott failed to implement appropriate password controls, firewall controls, or network segmentation. The company failed to patch outdated software and systems and didn’t deploy multifactor authentication, according to the FTC.
In one incident, discovered in 2020, hackers stole approximately 20GB of employee and customer data from the BWI Airport Marriott in Baltimore, Maryland. The data included confidential business documents and customer payment information, including credit card authorization forms.
As part of the settlement, Marriott has agreed to give all US customers a way to request that any personal information associated with their email addresses or loyalty rewards account numbers be deleted. According to the FTC, customers’ passport information, debit and credit card numbers, dates of birth, email addresses, loyalty numbers, and other information were exposed in the breaches. Marriott is also required to review rewards accounts and restore customers’ stolen rewards points upon request.
PTI founder Imran Khan refuses polygraphic test for fourth time
- 15 گھنٹے قبل
Govt announces special discount on train fares for Eid al-Adha
- 15 گھنٹے قبل
How much work is too much in a relationship?
- 2 گھنٹے قبل
NBA Finals first look: 7 things to know ahead of Thunder-Pacers
- 3 گھنٹے قبل
Tesla’s iPhone app now supports Live Activities for Supercharging
- 4 گھنٹے قبل
.jpg&w=3840&q=75)
TikToker Sana Yousuf shot dead in Islamabad
- 10 گھنٹے قبل
Earthquake in Karachi, over 200 prisoners escape from Malir Jail
- ایک گھنٹہ قبل
Punjab, KP PDMAs issue wind and rain alerts till Thursday
- 11 گھنٹے قبل
Pacquiao promises 'the old Manny' in July return
- 3 گھنٹے قبل
Germany’s defense chief warns NATO to prepare for possible Russian attack by 2029
- 13 گھنٹے قبل
Balochistan is part of Pakistan and can never be separated: DG ISPR
- 43 منٹ قبل
OIC urges to uphold Indus Water Treaty
- 5 منٹ قبل
You May Like
Trending
