The UK’s data privacy regulator is planning to slap world’s biggest hotel chain with a ..99 million fine under GDPR over 2014 data breach. In November 2018, Marriott discovered that unknown hackers compromised their guest reservation database through its Starwood hotels subsidiary and walked away with personal details of approximately 339 million guests. The breach, which likely happened in 2014, also exposed unencrypted passport numbers for at least 5 million users and credit card records of eight million customers. The ICO’s investigation found that Marriott failed to undertake sufficient due diligence when it bought Starwood and should also have done more to secure its systems.
Source: https://thehackernews.com/2019/07/marriott-data-breach-gdpr.html