Alabama Attorney General Steve Marshall announced on Wednesday that a coalition of 50 attorneys general has settled with Marriott International, Inc., following an investigation into a large multi-year data breach of one of its guest reservation databases.
Under the settlement, Marriott has agreed to strengthen its data security practices, provide certain consumer protections, and pay states $52 million.
Alabama will receive $973,468 from the settlement.
"Companies must prioritize the protection of consumer data," Marshall said. "Consumers are required to give away massive amounts of sensitive information just to book a hotel room, rent a car, or buy a plane ticket. In return, these companies must regularly assess and bolster their ability to protect their consumers' information. Particularly in today's challenging economic environment, consumers shouldn't also have to worry about their personal information being compromised."
Marriott acquired Starwood in 2016 and took control of the Starwood computer network in 2016. However, from July 2014 until September 2018, intruders in the system went undetected. This led to the breach of 131.5 million guest records pertaining to customers in the United States. The impacted records included contact information, gender, dates of birth, legacy Starwood preferred guest information, reservation information, and hotel stay preferences, as well as a limited number of unencrypted passport numbers and unexpired payment card information.
Shortly after the breach of the Starwood database was announced, a coalition of 50 attorneys general launched a multi-state investigation.
To connect with the author of this story or to comment, email caleb.taylor@1819News.com.
Don't miss out! Subscribe to our newsletter and get our top stories every weekday morning.
