Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/9/2019
12:02 PM
50%
50%

Marriott Faces $124 Million GDPR Fine in UK

The proposed penalty is for a data breach beginning in 2014 that affected more than 500 million customers worldwide.

The Information Commissioner's Office (ICO) of the UK said it intends to fine Marriott International £99,200,396, or approximately US$124,000,495, for General Data Protection Regulation (GDPR) violations.

The proposed fine, in response to the massive Starwood Hotels data breach that affected more than 500 million guests around the world, comes on the heels of a record £183 million (US$229 million) fine levied against British Airways for a breach of payment information of more than a half-million customers.

According to the ICO, Marriott has cooperated with the investigation and will now have a chance to present information to the Office regarding the potential fine. After hearing from Marriott and other interested parties, the ICO will decide on the final amount of the fine.

For more, read here.

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

 

 

 

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
7/11/2019 | 8:15:54 AM
On hotels
I book directly by phone to the hotel itself, having been taken advantage of by Trivago some years ago ..... so what about those third party firms too???  HOW secure are they when you dump credit card data down over the net?  We don't hear much about that ever.  View with the same suspect as third party billing firms just went to hell in the Labcorp mess. 
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11559
PUBLISHED: 2019-09-17
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to the Login component.
CVE-2019-15729
PUBLISHED: 2019-09-17
An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal endpoint unintentionally disclosed information about the last pipeline that ran for a merge request.
CVE-2016-10983
PUBLISHED: 2019-09-17
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVE-2016-10984
PUBLISHED: 2019-09-17
The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.
CVE-2016-10985
PUBLISHED: 2019-09-17
The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.