Texas Reaches $3.5M Settlement With Marriott Over Customer Data Breach – Go Health Pro

Texas Attorney General Ken Paxton announced the state has secured a settlement with Marriott International, Inc., that resolves an investigation into a breach of one of the company’s reservation databases.

The breach exposed 131 million guest records pertaining to customers in the United States and these records included contact information, gender, dates of birth, legacy Starwood Preferred Guest information, reservation information, and hotel stay preferences, as well as a limited number of unencrypted passport numbers and unexpired payment card information.

Marriott will also make a $52 million payment to the 50 states participating in this settlement, including $3.5 million to the State of Texas.

The Agreed Final Judgment entered in this case includes comprehensive injunctive terms to strengthen Marriott’s data security practices. Marriott’s information security program includes new overarching security program mandates, such as incorporating zero-trust principles, regular security reporting to the highest levels within the company including the Chief Executive Officer, and enhanced employee training on data handling and security.

“Texas law is clear that companies in possession of Texans’ personal information have a duty to safeguard that data,” said Attorney General Ken Paxton. “Given the frequency of cyberattacks today, it is simply unreasonable for companies to lack a comprehensive risk-based data security program. Through this settlement, customers will be much better protected. I will continue to fight for our citizens’ privacy and data security.”

Source: Office of the Attorney General of Texas

Topics
Cyber
Texas

Was this article valuable?


Here are more articles you may enjoy.

Interested in Cyber?

Get automatic alerts for this topic.

Leave a Comment

x