Marriott data breach is under investigation in several countries, where the hotel and resorts giant has a presence. In the E.U., Information Commissioner’s Office (ICO) leads the investigation. It is the UK independent body set up to uphold information rights. Local authorities of each country are interested to participate as ‘supervisory authorities’ in the cooperative framework of GDPR. According to ICO as the investigation is at an early stage no official attribution has been made. Given that the global annual revenue of the company reached $22.89 billion in 2017 and the strictest fine could amount to 4% of it, the sanctions imposed by the E.U. could be translated to $915 million. This will probably add up to the amount of $3.5 billion, analysts initially estimated some days after the incident went public.
via GDPR May Add Up To $915? Marriott’s Data Breach Expenses.