Data security is an important concern for business operations in the age of technological advancements and digital transformation. This is no different for one of the biggest and most renowned hotel chains, Marriott International.
However, this hotel giant has suffered many data breaches that have sent shockwaves through the hospitality industry. It has led to many concerns about Marriott International's ability to safeguard customer information.
This article looks at the company's past data breaches and examines the scope, impact, and organizational response to these incidents.
An Overview of Marriott International
Marriott International is a globally renowned hospitality company operating an extensive portfolio of accommodations and hotel brands. The company was founded by J. Willard Marriott and Alice Marriott in 1927.
Since then, it has grown into one of the most recognized and largest hotel chains in the world, with a presence in more than 130 countries and territories. However, the hotel giant has found itself in the center of a scandal in 2021 with its operations in Poland.
The Marriott International scandal in Poland gained significant attention and questioned the company's business practices. The key allegations that sparked this scandal include:
Unfair Labor Practices
Allegations came out exposing Marriott International of systematically underpaying its employees in Poland. It was reported that the hotel giant failed to meet the legally mandated minimum wage. Moreover, claims of worker mistreatment and poor working conditions were made.
Tax Evasion
Reports showed that Marriott International was using offshore accounts and transfer pricing schemes to reduce the company's tax liability to the Polish government. The tactics used by the hotel giant are believed to have created a significant revenue loss for the Polish government.
Environmental Violations
Even though Marriott International promotes its commitment to responsible environmental and sustainability practices, many of the Polish properties run by Marriott have been accused of committing environmental violations. These violations include unsustainable operations and improper waste disposal.
Marriott International's Global Reputation
Poland isn't the only place where Marriott International's reputation has been tarnished. The hotel giant has also had its fair share of data security breaches that have impacted its brand image. Here are some of the most notable data breaches involving Marriott International:
The Data Breach of Starwood Hotels in 2018
The data breaches of Marriott International first gained public attention in late 2018. This was when the hotel company revealed that its Starwood Hotels division had experienced a large breach of sensitive information.
Acquired in 2016, Starwood Hotels operated some of the most popular hotel brands. These included W Hotels, Westin, and Sheraton. When this breach occurred, it compromised the financial and personal information of approximately 500 million guests who had previously stayed at a Starwood Hotels-run property.
What Was the Scope of the Breach?
This Starwood security breach involved unauthorized access to the division's guest reservation database. Information in this database included personal information, such as names, contact information, passport details, and card payment information. Dating back to 2014, this breach had occurred before Marriott International acquired Starwood Hotels.
What Was the Impact?
Both Marriott International's finances and reputation were severely impacted by the data breach. This incident caused the public to question how long the unauthorized access went undetected and how this breach could have impacted those whose information was stored in the database.
Marriott International's Breach in 2020
The hotel giant had just put its 2018 breach behind it when Marriott International faced another security breach in early 2020.
Even though this data breach incident was smaller in scale than the Starwood Hotels 2018 breach, it exposed the personal and financial information of approximately 5.2 million guests. Despite this incident being less extensive, it was an alarming event for Marriott International and its customers.
What Was the Scope of the Breach?
Once a thorough investigation was done, it was found that the 2020 breach could be traced back to an application that was employed by Marriott International's hotels in Europe. This breach exposed personal information such as names, contact details, and card payment details of all previous guests who stayed on those properties.
What Was the Impact?
Even though the 2020 data breach incident was smaller than its 2018 counterpart, it reminded the public of Marriott International's vulnerabilities to data breaches. It also highlighted the need for Marriott International to invest in continuous security vigilance to prevent these cyber threats.
The London Lawsuit
Marriott International is facing a collective action lawsuit in London's High Court for its 2018 data breach. The purpose of this lawsuit is for affected parties to receive damages for the loss of control over their personal information.
The connective action lawsuit has been filed by a technology journalist named Martin Bryant on behalf of the victims in England and Wales whose personal information was exposed in the Marriott International acquisition of Starwood Hotels group breach that occurred in 2016.
The Information Commissioner's Office (ICO), which is the UK's data protection regulator, has announced its intent to fine Marriott International more than $99 million for this data breach. However, this lawsuit isn't alone. Marriott International is facing multiple lawsuits filed by consumers in Canada and the U.S. relating to the same data breach incident.
Final Thoughts
Marriott's security breach history is a reminder that cyberattack threats are a likely occurrence if effective data protection practices aren't put into place. Because of these negated security measures, Marriott International has put itself as an easy target for hackers.
This established data breach history highlights Marriott International's need for increased investment in cybersecurity measures, continuous improvement in data security practices, and improved regulatory oversight.
Even though these data breaches only detail Marriott International, these events should be a reminder to the hospitality industry as a whole to recognize the potentially devastating consequences of data breaches and take the necessary steps to prevent their occurrence.
The world continues to become more reliant on digital innovations. That's why data security needs to remain a top priority. When data security is prioritized, an organization can protect its customers and operations from the devastating effects of cyber threats.
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
