Marriott CFO Says Too Early to Estimate Cyber Breach Costs

[InfoSec News <alerts () infosecnews org>]

https://www.insurancejournal.com/news/national/2018/12/05/511070.htm

By Patrick Clark
Insurance Journal
December 5, 2018

It's too soon for Marriott International Inc. to estimate the cost of the 
massive cyber breach that the company disclosed last week, and other 
companies that have suffered big attacks are imperfect proxies, said Chief 
Financial Officer Leeny Oberg at an investor conference today.

"Any situation that you’ve seen from other companies, they are all highly 
individual, and no one should make an assumption about, if it was this way 
for one company, it will be that way for another," Oberg said at the 
Barclays Gaming and Lodging Conference, marking the first public comments 
by a top executive since the company disclosed the hack. "You do expect 
there will be material costs associated with this."

Marriott said Dec. 1 that personal data for as many as 500 million guests 
was exposed in the breach, according to the company's statement. The hack 
affected the system for Starwood Hotels and Resorts, which Marriott 
acquired for $13.6 billion in 2016, and in some cases exposed credit card 
data, passport numbers and loyalty account information.

The company could face $200 million in fines and litigation expenses, and 
could spend about $1 per customer notifying victims and providing free 
data monitoring services, according to a note last week from Morgan 
Stanley.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_