Another GDPR data breach hits the headlines

Another GDPR data breach hits the headlines

No sooner have we published a blog about British Airways’ largest GDPR fine on record, we find another story in the news.

It seems that hotel group chain, Marriott International, is next in line to be subject to one of the largest GDPR fines since the new GDPR laws were introduced last year. According to a recent story, the fine relates to an incident that is thought to date back to 2014, but was only discovered in late 2018. During that time, around 339 million guests have had their personal details exposed in a data breach that could be one of the ICO’s biggest fines to date.

The data breach included 30 million guest records that were held in a reservation system and occurred within a rival hotel group that was acquired by Marriott three years ago.

Whilst the system has since been phased out and eradicated completely from the hotel chain, the Information Commissioners Office (ICO) states that the fine still stands, as the rules relating to GDPR, and the personal details held by a company, are very clear. They also state that organisations should be accountable for the data they hold by carrying out proper due diligence and in the case of Marriott, at the point of acquisition, but also for any organisation looking to access or store any personal data they hold for their customers.

It seems that the ICO is starting to make examples of organisations that do not toe the line – and the size of the BA and Marriott penalties (£183m and £99m respectively) – shows that the fines for those who do not comply are eye wateringly high.

The General Data Protection Regulation, best known as GDPR, was brought into force in 2018 and aimed to give the public more transparency as to how their data is being stored, used and accessed. It seems that one year on, the ICO is not taking any nonsense and the fines will stand for both of these organisations.

If you would like some further information or guidance surrounding the new GDPR legislation, contact Downs Solicitors to see how we can help

More blog posts from this author

What are restrictive covenants and why do I need them?

I own a start-up which grew very quickly and a few years ago I hired in a couple of senior personnel to help run the business. After 5 years, one of these senior hires is now leaving the business and going to a company which isn’t a direct competitor but operates in a very similar field.

Can I force my staff to have the Covid Vaccination?

Recent news reports indicate that some employers are considering making it compulsory for their staff to have a Covid vaccination.  Is this a lawful, or even sensible, move by employers?

Furlough Update - 1 September 2020

Today marks some key changes to the Job Retention Scheme where companies that have been using the government's coronavirus furlough scheme are now having to contribute to workers' wages.

More blog posts from this sector

Changing an employee’s terms and conditions is challenging both from a legal and trust perspective.

British Gas has been in the media over recent weeks due to the “fire and rehire” approach with their employees.

Domestic Abuse in the Workplace

The Department for Business, Energy & Industrial Strategy undertook a report into domestic abuse and the workplace. The report identified that the number of domestic abuse cases had increased during the pandemic and that 1 in 5 victims of domestic abuse had time off work. Sadly, research found that few employers were able to identify the signs of domestic abuse and/or had policies or procedures available to help support survivors.

The Spring Budget 2021: A Summary

As the UK eagerly tuned in to the most anticipated Budget for a generation, many were left wondering what the Chancellor’s traditional “rabbit out of a hat” might contain - especially as several big measures had been announced beforehand.

Our Team

Meet all of the team at Downslaw


15A High Street
KT11 3DH

T: 01932 589599
F: 01932 505087

DX: 46102 COBHAM


156 High Street

T: 01306 880110
F: 01306 471230



The Tanners
75 Meadrow

T: 01483 861848
F: 01483 431965