A class action lawsuit has been filed against Marriott over the recently discovered data breach. The hotel chain has already taken a few steps in notifying affected customers, setting up a website and even offering to cover passport renewal expenses for those whose numbers were stolen. But experts say that the breach, which started sometime in 2014, should have been discovered much earlier.
Hackers stole data from as many as 500 million guests who made reservations at Marriott’s Starwood properties, including some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.
USA Today reports that on Friday, Murphy, Falcon & Murphy, with their co-counsel Morgan & Morgan, filed a national class action lawsuit against Marriott, alleging that the hotel chain “failed to ensure the integrity of its servers and to properly safeguard consumers’ highly sensitive and confidential information.” A Baltimore law firm also filed suit.
Experts are claiming that Marriott may have missed an opportunity to catch and correct the problem during a smaller breach in 2015. With all the resources they have, they should have been able to isolate hackers back in 2015,” Andrei Barysevich, a researcher with the security company Recorded Future Inc., said in an interview with the Wall Street Journal.