Marriott has been fined £14.4 million ($25m) in a final penalty notice from the UK watchdog for its massive data breach discovered in 2018.
The only upside for Marriott was the fact the fine was downgraded from the £99 million ($178m) figure the Information Commissioner’s Office (ICO) initially said it would levy.
“Millions of people’s data was affected by Marriott’s failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not,” UK Information Commissioner Elizabeth Denham said.
“When a business fails to look after customers’ data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect.”
Marriott said it regrets the incident and will not appeal the ICO’s decision.