- Associated Press - Tuesday, July 9, 2019

BETHESDA, Md. (AP) - Marriott says it will fight a $123 million U.K. government fine related to its massive data breach.

Marriott has the right to respond to the proposed fine before a final determination is made by the U.K.’s Information Commissioner’s Office. The agency says the breach violated the European Union’s data protection regulations.

Marriott announced last November that data from as many as 500 million guests at its Starwood hotels may have been compromised by unauthorized access dating to 2014.


TOP STORIES
Student's bus beating seen by millions on Twitter; mom says pro-Trump hat sparked attack
Rashida Tlaib deletes tweet blaming 'white supremacy' for New Jersey shooting
Melania Trump spox says Greta Thunberg fair game: Barron 'not an activist who travels the globe'


In January, the Bethesda, Maryland, company revised that figure to 323 million guests, and said around 25 million passport numbers may also have been compromised. Marriott has alerted affected guests.

In a statement issued Tuesday, the Information Commissioner’s Office said the breach affected 30 million European residents, including 7 million in the U.K. The agency found that Marriott failed to perform sufficient due diligence when it bought Starwood in 2016. It also said Marriott should have done more to secure its systems.



The Information Commissioner’s Office noted that Marriott has made improvements to its system since the breach was discovered.

In a statement, Marriott President and CEO Arne Sorenson said the company has assisted the Information Commissioner’s Office with its investigation. He said the breach was the result of a criminal attack.

“We are disappointed with this notice of intent from the ICO, which we will contest,” Sorenson said in a statement.

Marriott shares fell 1.5% to $139.20 in afternoon trading.

This is the second large fine announced by the Information Commissioner’s Office this week. On Monday, the agency proposed a $229 million fine against British Airways over a data breach that affected 500,000 customers. If that fine holds, it will be the largest levied yet under new, tougher European Union data protection regulations.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2019 The Washington Times, LLC.

Please read our comment policy before commenting.

 

Click to Read More and View Comments

Click to Hide