Marriott has announced on Friday that there has been unauthorized access to the Starwood guest reservation database since 2014. Even though it is unknown how the system got hacked, around 500 million guest’s data are believed to be compromised.
Hours after announcing a data breach, two Oregon men sues Marriott hotel for exposing their data. It was followed by another lawsuit filed in the state of Maryland hours later.
Both lawsuits are seeking class-action status. The plaintiffs in the Oregon lawsuit demands $12.5 billion in costs and losses while the plaintiff in the Maryland lawsuit didn’t specify the amount of damages they need from Marriot.
This will be equivalent to $25 for each of the 500 million users who had suffered data breach from Marriott’s servers.
The two Oregon plaintiffs told that consider the $25 as a minimum value for the time users spent for canceling credit cards due to the Marriott hack.
Marriot has not disclosed for how many users’ hackers have accessed the financial data, but the tally can’t be larger than 327 million.
Guests who stayed at Marriott’s Starwood-branded hotels in the past four years were affected. Starwood brands include W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.
Other class-action lawsuits against Marriott are expected to be filed in the upcoming months. These lawsuits will be integrated to simplify court proceedings. These types of lawsuits normally take years to reach trial and, in most instances, end with a settlement.
The Marriott hack is considered to be the second biggest hack of all time. After the announcement of the data breach, Marriot shares saw a maximum 8.7 percent drop.