Marriott International has reached final settlement agreements with the Federal Trade Commission (FTC), 49 U.S. State Attorneys General, and the District of Columbia, following the 2018 security breach of its Starwood Hotels guest reservation database. The breach exposed sensitive data of millions of guests, leading to widespread concerns over data privacy.
Key Points of the Settlement:
- Marriott will pay $52 million to resolve the matter, but has not admitted liability in the agreements.
- As part of its continued efforts to enhance data protection, Marriott has committed to improving its data privacy and information security practices.
Data Privacy and Security Enhancements:
Marriott has introduced several initiatives aimed at reinforcing its data security:
- Customer Data Deletion Requests: U.S. customers now have the ability to request the deletion of their personal data.
- Marriott Bonvoy®️ Online Portal: A dedicated portal will be available for Bonvoy®️ members to report suspicious account activity.
- Multi-Factor Authentication: To improve account security, Marriott is implementing this feature for Bonvoy®️ accounts.
Ongoing Commitment to Data Protection
Marriott has reiterated its commitment to guest data protection, emphasizing significant investments in its security infrastructure. These steps are part of a broader strategy to address and mitigate the risks posed by evolving cybersecurity threats.
The resolution of this case highlights Marriott’s dedication to continuously improving its security protocols to protect customer data from future risks.