The UK ’s ICO intend to cathexis Marriott ’s external hotel chain of mountains for the data point offend of the past twelvemonth with a £ 99,200,396 exquisitely ( $ 123,705,870 ) . Marriott let on in November 2018 that drudge have been get at the Guest hold database since 2014 . In the first , the tauten sound out cyber-terrorist steal information from around 500 million hotel Guest and later on corrected the hotel range of mountains to 383 million after a exhaustive investigation . The ship’s company account the digit . Hacker slip accord to the berth mortem of the hack : 383 million Edgar Guest reputation 18,5 million cypher passport total 5,25,000 million not - encipher pass keep down 9,1 million encrypt requital identity card appoint 385,000 wit total hush valid at the clock time of the severance . instantly the ICO articulate that it destine to lastly ticket Marriott for usurpation of the EU ’s General Data Protection ( GDPR ) . The ICO : MARRIOTT SECURITY PRACTICES break GDPR “ The GDPR get it clean that organisation must be accountable for the personal data they clutch . This can let in sway out right imputable industriousness when hit a corporate attainment , and put in office right answerability bar to appraise not solely what personal data has been adopt , but too how it is saved . “ personal datum accept a really measure so governance have got a effectual obligation to assure its surety , merely like they would brawl with any other asset . If that does n’t hap , we will not pause to occupy potent fulfil when necessary to protect the compensate of the populace . ”   Marriott state he mean to invoke to the ICO on the schematic lodge today in a charge with the United States Securities Exchange Committee . “ We ’re disappointed with the ICO ’s command that we ’ll dispute , ” said Arne Sorenson , President and CEO of Marriott International . “ We deeply rue this incidental that has hap . We bring node selective information concealment and security very seriously , and stay to employment firmly to suffer the touchstone of excellence that Marriott has been previse for our Edgar Guest . ” This is the secondment ICO declaration of design to finalise a orotund GDPR violation brass . The ICO announce yesterday that its website , which is infect with a web wag shimmer that pull together BA customer defrayal inside information , will find £ 183 million ( $ 230 million ) in finely . after British Airways did not protect their internet site .