Marriott Hotel was fined 6,543,800+084,000 pounds for revealing guest information. Is this punishment reasonable?

There has always been news that personal information has been leaked for some time, which makes me very worried. I think such a punishment result is very reasonable and necessary. The regulatory authorities have also made such punishment results according to certain laws and regulations, which will prompt other enterprises to increase the security protection of customers' personal information. The appearance of hotels is very convenient for people, and staying in hotels can help people have a better rest and be more convenient. However, the disclosure of privacy will not only bring the risk of loss to consumers' personal property, but also bring negative effects to enterprises.

Marriott is the world's largest hotel group, with several well-known hotel brands. It is really inappropriate to have information leaked. Cause of the incident: Starwood Hotel suffered a cyber attack on 20 14, and Marriott acquired Starwood Hotel on 20 16. But it was not until 20 18 that the information of about 500 million guests was leaked. The leaked guest information includes a series of personal privacy information such as name, telephone number, passport number, date of birth, gender and communication preference, and it shows that Marriott Group failed to maintain corporate privacy and security information after the acquisition, which led to this incident. Personal information is the most valuable resource in the Internet economy. If personal privacy information is leaked, it will be sold and used by criminals, resulting in property losses.

In fact, the most puzzling thing is that as the world's largest hotel group, there should be relevant security management systems to safeguard customers' personal information. The information leakage incident shows that there are still serious loopholes in enterprise information security management. Who dares to stay in hotels in the future? It also sounded the alarm for other enterprises, and user information security must be listed as an important content of enterprise competitiveness. Regulatory authorities should strengthen the supervision of illegal information trafficking, find relevant behaviors, and ensure the safety of customers' personal information.