Marriott’s recent data breach has proved quite costly. The company says it has booked a $126 million charge to pay for its massive data breach that was revealed last year.
Late last year, Marriott disclosed that its Starwood Hotels division had suffered a network breach that compromised the records of about 383 million guest records, including passports and credit-card information.
Last November, the company disclosed that hackers had broken into Marriott International's database and gained access to customers' data. The breach is likely the largest ever, surpassing the 2017 Equifax breach that exposed credit records for more than 145 million consumers.
According to Marriott, the breach occurred only at its Starwood Hotel brand. An investigation has revealed that unknown parties gained access to the database sometime in 2014, copying and encrypting information that had been stored there. Marriott said it was alerted to unauthorized activity and began an investigation in September 2018.
Hit to the bottom line
Marriott no longer operates theStarwood Hotels & Resorts Worldwide database, having shuttered it within weeks of the announcement of the data breach. But the incident played a role in the company’s second quarter earnings report, with $22 million of insurance recoveries related to the data breach.
In addition to the dent on its bottom line, Marriott faces other charges related to the data breach. The UK’s privacy watchdog has proposed a $120.5 million fine because of the intrusion, saying the company could have done more to keep its data secure. The company said it would appeal.
The data breach affected customers who stayed at a Starwood hotel from 2014 to November 2018.