U.S. multinational hotel chain Marriott International has been ordered to pay $52 million and strengthen its data security practices to settle federal and state charges concerning data breaches between 2014 and 2020, which compromised more than 300 million customers around the world, according to The Associated Press.
Such breaches, which were pinned on the dismal security measures of Marriott and subsidiary Starwood Hotels & Resorts, resulted in the exfiltration of individuals' email addresses, birthdates, and other personal details, as well as their passport information, loyalty numbers, and payment card numbers, noted the Federal Trade Commission. Aside from adopting a more stringent information security program, Marriott has agreed to provide all U.S. customers with means to seek the deletion of compromised personal data. On the other hand, the monetary settlement will be divided across all 49 states and the District of Columbia.
