Covid19 Announcement - View Here
Mon-Thu 09:00-19:00 | Fri 09:00-17:00
Covid19 Announcement - View Here

Marriott Hotels Data Breach

Marriott Hotels Data Breach

Marriott International Group has confirmed that they have been subject to a data breach where around 340 million of their customer’s personal information, including passport details, and payment card details have been compromised. If you have been affected by the Marriott Data Breach, you could be entitled to claim compensation.

Marriot announced in November 2018, less than six months after the introduction of the General Data Protection Regulation (GDPR), that their security systems had been breached which has put millions of their customer’s data at risk. The Marriott data hack is one of the most serious data breaches of its kind and one of the biggest personal data hacks on record.

Step 1

Get in touch using our contact forms or any details provided throughout the site.

Step 2

We arrange a free consultation with you to discuss the case

Step 3

If accepted we will action your case on a no win no fee basis.

The theft of personal and financial information could lead to identity fraud and huge financial losses which could potentially turn a person’s life upside down. The Information Commissioners Office (ICO) has issued a notice of intention to fine Marriott International £99.2 million over the breach under the new GDPR.

Marriott International is the parent company of several well-known hotel brands and can affect customers who have made reservations in any of the following hotels or timeshare properties:

  • W hotels
  • Aloft Hotels
  • Sheraton Hotels
  • Regis
  • The Luxury Collection
  • Design Hotels
  • Westin Hotels & Resorts
  • Element Hotels
  • Le Meridien Hotels & Resorts
  • Tribute Portfolio
  • Four Points by Sheraton
  • Starwood timeshare properties

How do I know if I’ve been affected?

Marriott emailed millions of customers who could have been potentially affected in November 2018, informing them of the data breach using the email address; The email was sent with the subject title ‘Starwood Guest Reservation Database Security Incident’. We advise any Marriott customers to search that title, email address or any keywords such as ‘Marriott’, ‘Starwood’, ‘Data breach’ or ‘Personal data’ in your email inbox, junk/spam folders, and even your deleted items.

If you have received this email, you have likely been affected. If so, contact HNK today and we may be able to pursue a claim for you on a no-win-no-fee basis.

What data was taken?

The main customer data taken from the Marriott Hotels Data Breach includes:


  • Card payment details – including CVV number and expiry dates
  • Full name
  • Home addresses
  • Passport details – including dates of birth and passport number
  • Email addresses
  • Telephone numbers
  • Gender
  • Reservation dates

Download Our Guide

Get in touch

Fill out the below form and one of our advisors will get in touch to arrange a consultation about your claim.

Call 0151 203 1104 Mon – Thu 09:00-19:00
Fri – 09:00-17:00

How we can help

HNK Solicitors have a team of expert Data Protection solicitors who have years of experience in dealing with data breach claims. We have been successful in obtaining compensation for clients who have been affected by data breaches against a wide variety of Defendants based in England and countries across the world.


If you have been affected contact HNK today before it’s too late.

Free Consultation

Contact HNK to arrange a free no-obligation consultation where we can offer free advice on whether you can pursue a claim against Marriott.


If we believe you have a case, we can pursue your claim for you on a no-win-no-fee agreement. This means it will not cost you a penny to start your claim, and you won’t have to pay if it is not successful.

Client Communication

If we accept your case against Marriott, our dedicated team of Data Protection Solicitors will handle everything for you and keep you up to date throughout the whole process.

Have Marriott admitted liability for this breach?

Marriott has so far failed to admit liability for this breach, but this does not mean you can’t claim compensation against them. Thus far, Marriott International has begun notifying customers but has not yet offered any monetary compensation. If you are offered compensation, you should still contact a solicitor anyway as they may be offering a lower amount that you are entitled to.

What is the ICO?

The Information Commissioners Office (ICO) is the independent authority charged with upholding data protection rights in the UK. They have investigated this data breach and found that Marriott failed to undertake sufficient due diligence when it bought Starwood and should have done more to make sure their IT systems were secure.

“The GDPR makes it clear that organisations must be accountable for the personal data they hold,” said Elizabeth Denham, the information commissioner. “This can include carrying out proper due diligence when making a corporate acquisition, and putting in place proper accountability measures to assess not only what personal data has been acquired, but how it is protected.”
They have announced their intention to find Marriott International £99.2 million for infringements of GDPR following this breach, although Marriott does have the right to appeal this decision. However, the ICO does not give this money to victims of the data breach or award compensation. Therefore, to ensure you are properly compensated from the data breach, you need to make a data breach compensation claim.

What is a group litigation case?

A group litigation claim or case is where a group of people – which can be as many as thousands – have all been affected by the same issue. All the people in the group collectively bring their cases to court against the Defendant and fight together to get compensation. This strengthens their overall position and can make a big organization take a matter more seriously. It can also increase their chances of settlement or success in litigation.

Just because you are part of a group litigation claim this doesn’t mean that everyone in the group will receive the same amount of compensation. Every claim within the group is settled based on the individual’s situation.

What can I claim for?

If your data has been breached you can claim for both damages and distress. So, you can claim for any financial losses or emotional distress you have suffered as a result of having your data stolen. However, you also have the right to claim, even if you haven’t suffered as a result of the failure to protect your data as, by law, they have a duty to keep your data safe.

How much will it cost?

Nothing upfront. If we deem you have a case that has a high chance of success, we will offer you a no-in-no-fee agreement. This means it won’t cost you a penny to start your claim and you won’t have to pay a thing if your claim is unsuccessful.

If your claim is successful, the legal costs which consist of the work HNK Solicitors has done for you and disbursement costs such as court and barrister fees will be recovered from Marriott themselves and the compensation you are rewarded. HNK cap the costs they take from your compensation at 35%, so no matter what you will get at least 65% of the compensation in the end.

Can’t find what you’re looking for?

Let us know what you’re looking for and we will get back to you as soon as we can.


Call us on - 0151 203 1104 | Email us at -


  • I have always found that anyone I’ve spoken to at your company to be very efficient and friendly both on the phone and emails sent to me. My claim has been dealt with speedily as well so I’m 100% pleased with the way my case has been handled.

    Margaret Powell
  • Fantastic service, emails were always answered promptly and always well updated even if no change! Could not be any happier with the outcome and wouldn’t hesitate to use the firm again

    Keyrah Brown
  • I am extremely happy that you stuck by my side throughout this whereas others did not. You believed me and never doubted me once. I am so glad that its finally settled and can’t thank you enough for everything. Absolutely 10/10!!!

    Jodie Anne Smith
Latest News

Our Case studies

Sexual Abuse & Sexual Violence Awareness Week 2021

This week is Sexual Abuse and Sexual Violence Awareness Week (1-7 February). This is a week dedicated to encouraging conversations...
Image of a young person video calling whilst driving

Nearly 1 in 5 Young People Admit To Video Calling Whilst Driving

Mobile phones are apart of a lot of people everyday lives. Texting, calling, tweeting or posting on social media can...
Body camera footage demonstrates police misconduct.

Leaked Review of Body-worn Footage Reveals Police Misconduct

Surges of social media posts, video footage and leaked documents showing controversial misconduct by UK police have caught the attention...

How do I claim?

For more information on how to claim please click this button

Claim Now
Call Us Claim Now