Are we at the point where we’ll only buy from a company providing they look after our data properly? We say this because yet another travel company – this time the hospitality giant Marriott which owns several hotel chains including Marriott and Starwood – fessed up to a huge data breach where the personal data of a whopping 500 million customers was stolen.
This story made the headlines in the US not just because of the size of the hack (one of the biggest on record), but because the company has been the victim of several successful hacks in the past and – not surprisingly – its cyber-security system is now being called into question.
In fact the company is now being investigated by several government and regulatory bodies, including our own Information Commissioner who, under the terms of the new GDPR legislation, can impose significant fines on the company. This being America, the company is already standing by to receive a slew of class actions brought about aggrieved (and litigious) customers.
These types of incidents not only now cost companies big bucks but they put a big dent in their reputations too. And so they should. If a company can’t look after our personal details properly then it probably doesn’t deserve our custom.
It’s a view being taken by a growing number of people as we begin to wake up to the fact that we may have been too trusting in the past and if companies are going to be entrusted with our personal details then they’ll need to work a damn sight harder to earn that trust.
Travel companies in particular insist on our handing over lots of personal details about ourselves. Few people would willingly give a company their mobile number as well as email address, credit card details, home address, next of kin details and passport details, but that’s what we’ll happily hand over to airlines.
But the hack recently suffered by British Airways shows that maybe we shouldn’t have been so carefree with out as all those details were stolen from the company’s IT system. Hotels request lots of personal information from us too and as Marriott has shown they clearly don’t always take good care of it.
At some point, the conversation will go something like this, ‘I’ll give you my personal details but I’ll want something from you in return. An assurance that your cyber security system is fit for purpose would be a start’.