Marriott data breach is under investigation in several countries, where the hotel and resorts giant has a presence. In the E.U., Information Commissioner’s Office (ICO) leads the investigation. It is the UK independent body set up to uphold information rights. Local authorities of each country are interested to participate as ‘supervisory authorities’ in the cooperative framework of GDPR. According to ICO as the investigation is at an early stage no official attribution has been made. Given that the global annual revenue of the company reached $22.89 billion in 2017 and the strictest fine could amount to 4% of it, the sanctions imposed by the E.U. could be translated to $8.8 billion. This will probably surpass the amount of $3.5 billion, analysts initially estimated some days after the incident went public. In addition, it is possible that some clients may take legal action against the company and claim damages which will elevate the cost of the breach even higher. In the worst case scenario if it is proved that the company was fully aware of the hacker attack well before it was revealed, then the Securities and Exchange Commission of the U.S. will pursue a prosecution against Marriott on the grounds of causing serious losses for its investors.
Clique aqui e leia a matéria completa.