Attorney General Jonathan Skrmetti announced Oct 9 that a coalition of 50 Attorneys General has reached a settlement with Marriott International, Inc. as the result of an investigation into a large multi-year data breach of one of its guest reservation databases. The Federal Trade Commission, which has been coordinating closely with the states throughout this investigation, has reached a parallel settlement with Marriott. Under the settlement with the Attorneys General, Marriott has agreed to strengthen its data security practices using a dynamic risk-based approach, provide certain consumer protections, and make a $52 million payment to states. Tennessee will receive $919,043.00 from the settlement.
“When Tennesseans submit their personal information to a company, they expect that to stay private,” said Tennessee Attorney General Jonathan Skrmetti. “A breach of this magnitude is not just a violation of privacy; it’s a violation of trust. Our Office is proud to have worked alongside Connecticut and 48 attorneys general to hold Marriott International accountable and ensure protections for consumers’ personal data. Affected Tennesseans will receive specific protections going forward, including data deletion, account monitoring, and an option for multifactor authentication on any Marriott account.”