In the claim, filed by Guardian Law Group. “The defendants knew or ought to have known that their databases were vulnerable to loss or theft”
The lawsuit claims, among other things, that Marriott didn’t utilize up-to-date security systems to protect its clientele. In addition, there were reports that during 2014, Starwood’s website was the home to (an) SQL injection bug, and offers to hack the site were being made on the dark web.
“The defendants breached their duty of care by using dated security measures that failed to detect the security breaches as they happened and failing to notice the breaches for over four years.”