The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344 million customers worldwide. In a proposed settlement order with the FTC announced Wednesday, Marriott and Starwood also agreed to provide all its U.S. customers with a way to request deletion of personal information associated with their email address or loyalty rewards account number. In addition, the proposed settlement requires Marriott to review loyalty rewards accounts upon customer request and restore stolen loyalty points. Under a separate settlement also announced today, Marriott also agreed to pay a $52M penalty to 49 states and the District of Columbia to resolve similar data security allegations. The FTC and the states worked in parallel on the investigation. The FTC does not have legal authority to obtain civil penalties in this case. “Marriott’s poor security practices led to multiple breaches affecting hundreds of millions of customers,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “The FTC’s action today, in coordination with our state partners, will ensure that Marriott improves its data security practices in hotels around the globe.”
Confident Investing Starts Here:
- Easily unpack a company's performance with TipRanks' new KPI Data for smart investment decisions
- Receive undervalued, market resilient stocks right to your inbox with TipRanks' Smart Value Newsletter
Published first on TheFly – the ultimate source for real-time, market-moving breaking financial news. Try Now>>
Read More on MAR:
Looking for a trading platform? Check out TipRanks' Best Online Brokers , and find the ideal broker for your trades.
Report an Issue