Lawsuits filed against Marriott after the hotel chain revealed a massive breach of its systems that compromised 500 million customers are seeking billions in damages.
And many more are on the way. A business owner who filled lawsuit, as an example, had noticed unauthorized purchases on his credit card recently and believes it was due to the hack. Other suspicious activities or an increase in spam were reported. A suit seeks up to $12.5 billion in damages or $25 for each customer who was affected. That covers "just the inconvenience of going to fix their credit, get a new credit card, and so forth," a lawyer explained. On behalf of Europe's recently enacted privacy law, known as GDPR, Marriott could also owe up to $912 million in fines for the breach.
Marriott declined to comment on the lawsuits and about fact that it was a delay in identifying the problem. For the instant, the hotel chain is offering to pay for the cost of a new passport, about $110 dollar fee each, if fraud has been detected. Data-protection experts note the unusually broad extent of the company's breach, which revealed names, addresses, passport numbers, dates of birth, credit card information and travel details of at least 327 million people, and less sensitive information for up to 500 million. "Data breaches are a very real business risk with bottom-line concerns," said Tim Steinkopf, president of Centrify, a data security firm.