A new class action filed against Marriott following the massive data breach alleges that the hotel giant’s systems are affected by a serious vulnerability that still exposes customer information.
Several lawsuits have been filed against Marriott after the company revealed that hackers had access to its systems since at least 2014 and that they may have stolen the details of up to 500 million customers from the Starwood guest reservation database.
The latest class action, initiated by law firm Edelson in Maryland, claims that Marriott’s network is still vulnerable to cyberattacks. Edelson claims its in-house forensics lab discovered a flaw in Starwood’s internal systems that exposes a “wealth of information.”
Edelson’s complaint is redacted to avoid giving away the details of the vulnerability, but it does note that “some of the largest and most significant data breaches in recent history were carried out by leaving open access to this exact type of data.”
“[The exposed information] could provide an endless roadmap of network weaknesses and attack points. Likewise, a database of this kind offers numerous data points for phishing attacks and social engineering,” the complaint reads.
Edelson also pointed out that when individuals impacted by the breach sign up for the WebWatcher service offered by Marriott through Kroll, they relinquish their right to bring legal action.
The WebWatcher service, offered free of charge for one year, monitors websites where personal information is shared and alerts the consumer if their information is found. However, the WebWatcher terms of service include a mandatory arbitration, jury, and class action waiver.
The lawsuit highlights several past cybersecurity incidents involving Starwood and Marriott systems – including the discovery of vulnerabilities and malware – in an effort to show that the hotel company failed to take appropriate steps to secure customer information and that it violated several laws.
SecurityWeek has reached out to Marriott for comment and will update this article if the company responds.
Marriott discovered the massive breach on September 8, when one of its internal security tools detected suspicious activity related to the Starwood guest reservation database. The investigation launched by the company revealed that the unauthorized access may have dated as far back as 2014.
Individuals involved in the investigation revealed that some clues left behind by the hackers suggest that the attack may have been part of a cyber espionage operation conducted by the Chinese government.
Related: Schumer Says Marriott Should Pay to Replace Hacked Passports
Related: Espionage, ID Theft? Myriad Risks From Stolen Marriott Data

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
- New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats
- Rheinmetall Says Military Business Not Impacted by Ransomware Attack
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
