You are here: Home » News-IANS » Business-Economy
Business Standard

Marriott facing lawsuits after massive data breach

IANS  |  San Francisco 

Customers in the US have sued global Marriott for exposing their data, with one class-action lawsuit seeking $12.5 billion in damages.

The were filed in the state of and Maryland, reported on Monday.

"While plaintiffs in the lawsuit didn't specify the amount of damages they were seeking from Marriott, the plaintiffs in the lawsuit want $12.5 billion in costs and losses," said the report.

on November 30 revealed that its guest reservation system was hacked, exposing the personal information of approximately 500 million guests.

The said the hack affected its Starwood reservation database, a group of hotels it bought in 2016 that included the St. Regis, Westin, Sheraton, W Hotels, and Four Points by Sheraton.

"For roughly two-thirds of the guests who were possibly affected, the information in the breach included names, addresses, phone numbers, email addresses, passport numbers and travel details," reported.

Marriott said some records also included encrypted payment card information, but it could not rule out the possibility that the keys had also been stolen.

"We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests and using lessons learned to be better moving forward," said in a news release.

Marriott said that it reported the breach to and was also notifying regulatory authorities.

Marriot shares witnessed a maximum 8.7 per cent drop after announcing the data breach.

According to cyber security experts, questions need to be asked as to how 500 million guests have been affected by this data breach.

"While we're still only beginning to assess the true extent of the attack, ultimately, the the and had in place clearly weren't sufficient enough if it allowed an unauthorised third party to get into the system," said David Emm, at

"The data was encrypted, but the attackers potentially stole the keys too - highlighting that an extra layer of security should have been in place to prevent this from happening. This data breach is now one of the most critical data breaches in history," Emm said in a statement.

According to John Shier, Senior Security Advisor, Sophos, the potential fallout from the Marriott's Starwood data breach should be alarming to anyone who has stayed at a in the last four years.

"Not only are guests at risk for opportunistic phishing attacks, but targeted phishing emails are almost certain, as well as phone scams and potential financial fraud," said Shier.

Unlike previous breaches, this attack also included passport numbers for some individuals who are now at increased risk for identity theft.

The experts advised people to change passwords and use electronic cards, not physical ones, for



(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

First Published: Mon, December 03 2018. 12:04 IST