BA, Marriott Face Massive Fines For Data Loss

If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.


The international hotel group Marriott is to be fined almost £100m by the Information Commissioner’s Office after hackers stole the records of 339 million guests.


In November, Marriott International, the parent company of hotel chains including W, Westin, Le Méridien and Sheraton, admitted that personal data including credit card details, passport numbers and dates of birth had been stolen in a colossal global hack of guest records.


The ICO, which is proposing a £99.2m fine for Marriott, said that about 30 million of the hacked guest records related to residents of 31 countries in the European Economic Area. Seven million related to UK residents.


Marriott said it would appeal against the fine.


The UK’s data watchdog has also announced plans to fine the airline British Airways a record £183 million over last year’s data breach.


The Information Commissioner’s Office (ICO) said that “poor security arrangements” at the company lead to the breach of credit card information, names, addresses, travel booking details, and logins for around 500,000 customers. The fine would be the largest the ICO has ever issued, BBC News reports, far more than the £500,000 fine against Facebook for the Cambridge Analytica scandal that affected millions. British Airways will now have 28 days to appeal the ruling before it is made final.


In a statement, the Information Commissioner Elizabeth Denham said that the loss of personal data is “more than an inconvenience” and said that companies should take appropriate steps “to protect fundamental privacy rights.”

more news

Cyberattacks: Preparing For The Inevitable


It is generally accepted that it is when, not if, large organisations will be the target of malicious cyberattacks. The importance of being prepared has been laid out in a blog post Sweat In Peace, Don't Bleed In War, written by Meredydd Hughes, a former UK chief constable with substantial crisis management experience.

read more

Varonis Blog Highlights 110 Cybersecurity Statistics


Cybersecurity company Varonis has issued its predictions for the forthcoming year with a blog post entitled 110 Cybersecurity Statics For 2020. The blog states that cybersecurity issues are becoming a day-to-day struggle for businesses. Recent trends and cybersecurity statistics reveal a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.

read more

UK To Go On The Cyber Offensive


The UK Government is about to launch a new proactive and offensive cybersecurity team that will wage cyberwarfare against hostile nation-states and online crime organisations. It would be naive to believe that the UK has not launched cyberattacks against third parties, but the killing of Qassem Soleimani has brought this out into the open.

read more

Are You Ready For Iranian Revenge Cyberattacks?


Following the killing of Qassem Suleimani no-one can be sure of what military action Iran will take, but experts agree that its cyberattacks will increase against countries and governments it sees as hostile.

read more