If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.
The international hotel group Marriott is to be fined almost £100m by the Information Commissioner’s Office after hackers stole the records of 339 million guests.
In November, Marriott International, the parent company of hotel chains including W, Westin, Le Méridien and Sheraton, admitted that personal data including credit card details, passport numbers and dates of birth had been stolen in a colossal global hack of guest records.
The ICO, which is proposing a £99.2m fine for Marriott, said that about 30 million of the hacked guest records related to residents of 31 countries in the European Economic Area. Seven million related to UK residents.
Marriott said it would appeal against the fine.
The UK’s data watchdog has also announced plans to fine the airline British Airways a record £183 million over last year’s data breach.
The Information Commissioner’s Office (ICO) said that “poor security arrangements” at the company lead to the breach of credit card information, names, addresses, travel booking details, and logins for around 500,000 customers. The fine would be the largest the ICO has ever issued, BBC News reports, far more than the £500,000 fine against Facebook for the Cambridge Analytica scandal that affected millions. British Airways will now have 28 days to appeal the ruling before it is made final.
In a statement, the Information Commissioner Elizabeth Denham said that the loss of personal data is “more than an inconvenience” and said that companies should take appropriate steps “to protect fundamental privacy rights.”
Secure Working From Home During Coronavirus
In the wake of the coronavirus, many organisations internationally are allowing people to work from home to lessen the risk of contagion, but is this wise from a cybersecurity point of view? While companies generally have a cybersecurity policy in place that governs the use of anti-virus and firewall protection, individuals without any tech knowledge could fall foul of cybercriminals.read more
Crypto Miners, Targeted Ransomware Dominate the Threat Landscape
Twenty-eight per cent of all organisations worldwide were impacted by malicious multi-purpose botnets and targeted ransomware attacks rose by 20% according to Check Point Research, the Threat Intelligence and Research arm of Check Point Software.read more
Kaspersky's Top 7 Mobile Security Threats in 2020
Mobile device security threats are on the rise. In 2014, Kaspersky detected almost 3.5 million pieces of malware on more than 1 million user devices.read more
SEC Releases Guide To Combat Cybersecurity Threats
The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.read more