Marriott to 'vigorously defend' £99m fine over huge data breach
Marriott International announced on Tuesday that it has been informed by the UK Information Commissioner's Office (ICO) of its intention to issue a fine of £99.2m against the company in relation to the Starwood guest reservation database incident.
The Nasdaq-listed hotel operator had announced a massive breach of its Starwood reservation database on 30 November 2018, reporting that it could have affected up to 500 million customers.
It said it had the right to respond to the ICO before any final determination was made and a fine could be issued.
The company said it intended to respond and “vigorously defend” its position.
“We are disappointed with this notice of intent from the ICO, which we will contest,” said Marriott International president and chief executive officer Arne Sorenson.
“Marriott has been cooperating with the ICO throughout its investigation into the incident, which involved a criminal attack against the Starwood guest reservation database.”
Sorenson said the company “deeply” regretted that the incident happened.
“We take the privacy and security of guest information very seriously and continue to work hard to meet the standard of excellence that our guests expect from Marriott.”
Marriott confirmed the Starwood guest reservation database that was attacked was no longer used for business operations.