top of page

The law is also catching up on large organisations that suffered data breaches

In November 2018, New York's Attorney General announced that her office will commence investigation into a major data breach impacting the global hotel chain Marriott. As many as 500 million guests who have stayed at Marriott hotels over the years could have been affected in the security breach, which may be among the largest on record. 

In announcing the move, the AG said residents need to know that their personal information is safe after Marriott revealed unauthorized access to data within its Starwood network has been taking place since 2014 in what may be among the largest data breaches on record.

Marriott acquired Starwood in 2016 and the process of merging its computer system with Starwood computers has been marred by technical glitches. The company manages more than 6,700 properties across the globe. In a regulatory filing the company said it’s premature to estimate the financial impact and they are currently working with its insurance carriers to assess coverage.

The Starwood breach stands out among even the largest security hacks on record. Hilton had two separate data breaches that exposed more than 350,000 credit card numbers. One breach began in November 2014 and another in April 2015. Yahoo had a data breaches in 2013 and 2014 that impacted about 3 billion of its accounts. Target also had an incident in 2013 that affected more than 41 million customer payment card accounts and exposed contact information for more than 60 million customers. Last year, Equifax disclosed a data breach that affected more than 145 million people.

It would be interesting and we look forward to the results of the investigation by the AG's office and what sort of penalties or actions that the AG would take against Marriott for the breach that potentially could affect 500 million individuals.

bottom of page