WASHINGTON (Reuters) -The U.S. Federal Trade Commission announced on Wednesday that it will require Marriott International and its subsidiary Starwood Hotels & Resorts Worldwide to implement an information security program to address multiple data breaches that occurred between 2014 and 2020.
According to the FTC, these three significant data breaches affected over 344 million customers globally. Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, stated, “Marriott’s poor security practices led to multiple breaches affecting hundreds of millions of customers. The FTC’s action, in collaboration with state partners, will ensure that Marriott enhances its data security practices at hotels worldwide.”
As part of the settlement, Marriott and Starwood have agreed to offer U.S. customers the option to request the deletion of personal information linked to their email address or loyalty rewards account number. Additionally, Marriott will review loyalty rewards accounts per customer request and restore any stolen loyalty points, as stated by the FTC.
Furthermore, in a separate agreement disclosed on the same day, Marriott will pay a $52 million penalty to 49 states and the District of Columbia to settle similar data security allegations, the FTC revealed.
Marriott responded to the settlement by stating, “Protecting guests’ personal data remains a top priority for Marriott. These resolutions reaffirm the company’s ongoing dedication to maintaining and adapting its programs and systems to assess, identify, and manage risks from evolving cybersecurity threats.”
“As indicated in the agreements with the FTC and the state Attorneys General, Marriott makes no admission of liability with respect to the underlying allegations,” the statement added.
In addition to these legal challenges, Marriott faced a class action lawsuit in London in 2020, filed by millions of former guests seeking compensation after their personal records were compromised in one of the largest data breaches in history.
In conclusion, data security breaches can have far-reaching consequences for both customers and businesses, as demonstrated by the actions taken against Marriott and Starwood. It is essential for companies to prioritize the protection of personal data to maintain trust with their customers and avoid costly penalties and lawsuits.
For more trending news articles on topics like cybersecurity and data breaches, be sure to visit DeFi Daily News for the latest updates and insights.
