Marriott Faces Close to $125 Million Fine Over 2018 Data Breach

Jul 9, 2019

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

On Monday, the UK’s Information Commissioner Office (ICO) slapped British Airways with a potential £183 million fine for its 2018 data breach. To follow that up, on Tuesday, the ICO detailed its intention to fine Marriott more than £99 million (nearly $125 million) for its November 2018 data breach.

Like the BA fine, the ICO’s fine on Marriott was placed because of ‘infringements of the General Data Protection Regulation (GDPR)’. That GDPR breach involved the stealing of personal information of about 339 million Marriott guests.

The information exposure first started in 2014 but didn’t come to light until 2018, when Marriott originally said that more than 500 million guests had been affected. Marriott plans to fight the fine.

“We are disappointed with this notice of intent from the ICO, which we will contest,” Marriott CEO Arne Sorenson said in a statement. “Marriott has been co-operating with the ICO throughout its investigation into the incidents, which involved a criminal attack against the Starwood guest reservation database”.

In the eyes of the ICO, Marriott should have done more to review Starwood’s data practices and securing its systems. The watchdog agency now says that Marriott has made improvements to its security since the events came to light.

Under GDPR regulations, the ICO had the ability to impose a fine of up to 4% of a company’s global annual revenue.

Featured photo by Roberto Machado Noa/LightRocket via Getty Images.

Ink Business Preferred℠ Credit Card

WELCOME OFFER: 80,000 Points


CARD HIGHLIGHTS: 3 points per dollar on the first $150,000 in combined spending on travel, shipping purchases,  internet, cable and phone services, and advertising purchases made with social media sites and search engines.

*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.

Apply Now
More Things to Know
  • Earn 80,000 bonus points after you spend $5,000 on purchases in the first 3 months from account opening. That's $1,000 toward travel when you redeem through Chase Ultimate Rewards®
  • Earn 3 points per $1 on the first $150,000 spent on travel and select business categories each account anniversary year
  • Earn 1 point per $1 on all other purchases–with no limit to the amount you can earn
  • Points are worth 25% more when you redeem for travel through Chase Ultimate Rewards
  • Redeem points for travel, cash back, gift cards and more – your points don't expire as long as your account is open
  • No foreign transaction fees
  • Employee cards at no additional cost
  • $95 Annual Fee
Intro APR on Purchases
Regular APR
17.49% - 22.49% Variable
Annual Fee
Balance Transfer Fee
Either $5 or 5% of the amount of each transfer, whichever is greater.
Recommended Credit
Excellent Credit

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.