Marriott faces group action following 2014-18 data breach

Martin Bryant, founder of the consultancy Big Revolution, has filed a data protection group action against Marriott International in the High Court of England and Wales

Announcing the move in his company’s newsletter, Bryant said the action sought compensation on behalf of millions of hotel guests.

It follows the data breach of hundreds of millions of guest records between July 2014 and September 2018, after a data security incident involving the Starwood guest reservation database. Marriott International acquired the Starwood group in 2016.

The case is being financed by litigation funder Harbour and managed by law firm Hausfeld. The action represents everyone resident in England and Wales whose data was stolen in the Starwood/Marriott breach, wherever in the world they stayed.

Explaining his rationale for the filing the group action, Bryant wrote: “If a major corporation suffers a breach because it didn’t do everything it could to protect your data, and the worst it suffers is a fine for breaking data protection rules, there’s little incentive for anything to really change. But if the company becomes accountable to the customers whose data they lost, it’s a different matter.”

    Share Story:

Recent Stories


Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks.

Manufacturing: An industry at risk amid great technological change
Of the many sectors of business, manufacturing companies are among the most at risk from cyber threats. How has the sector evolved to make it so vulnerable and what does the task of managing cyber exposure in a manufacturing company look like? CIR’s latest podcast with Tokio Marine HCC sought to answer all these questions and more. Published April 2021

Advertisement