Azar Firm Files Class Action Lawsuit Over Marriott Data Breach

Dec 18, 2018

A class action lawsuit filed against Marriott International over a massive data breach that compromised the personal information of up to 500 million people claims that the world’s largest hotel chain failed to address security flaws in an elite customer database for years, failed to notify affected guests for months after the breach was detected — and still hasn’t fixed the problem.

The lawsuit, filed on December 13 in the U.S. District Court for the District of Maryland by the law firm of Franklin D. Azar & Associates, names Marriott International and Starwood Hotels and Resorts Worldwide as defendants. Named plaintiffs Dennis DeSalvo, of Oceanview, New Jersey, and Pamela Moore, of Highlands Ranch, Colorado, are Starwood “preferred guests” impacted by the breach and seek class action status on behalf of others similarly situated.


Marriott acquired Starwood for $13 billion in 2016, creating the world’s largest hotelier, with more than 6700 properties in 130 countries. On November 30, 2018, Marriott announced that the Starwood database had been compromised, exposing to hackers the personal information of hundreds of millions of guests — including some combination of name, address, birth date, email address, passport number, and in some cases credit card numbers. However, the lawsuit notes that Marriott was first alerted to unauthorized access to the database in early September, 83 days before the public announcement.

As later investigation indicated, the breach began in 2014, allowing hackers potential access to the personal information of anyone who made a reservation at a Starwood property in the past four years. Security experts have puzzled over why Marriott failed to detect the breach during the process of acquiring Starwood, particularly after a well-publicized theft of guest payment information at 54 Starwood hotels in 2015. The complaint also alleges that “the Starwood Database remains vulnerable to hackers as of the date of this filing, and that Defendants have yet to take the proper steps to…protect their customers.”

In addition to credit card fraud, hackers can use personal information to access a variety of other accounts and websites. A 2013 Norton Report estimated the global price tag of cybercrime at $113 billion annually, with an average cost per victim of $298.


FDAzar is one of the largest plaintiff law firms in Colorado, known for championing the rights of individuals who have suffered damages at the hands of large corporations. Over the past 30 years, our attorneys have secured more than $1.5 billion in compensation for our clients, including more than $750 million from Walmart in a wage and hour dispute that involved hundreds of thousands of class action participants and litigation in 26 states.

Our class action department is staffed with experienced and knowledgeable attorneys who focus on litigating large, complex cases. We are currently investigating cases involving abusive wage practices, employees whose 401(k) plans have been subject to excessive fees and mismanagement, improper fees charged by investment companies, data security issues affecting Facebook users, and more.

If you have suffered damages as a result of unfair business practices, data breaches, or corporate misconduct, the class action attorneys at FDAzar may be able to help. Speak with a member of our class-action team today at (800) 716-9032 or contact us here. The consultation is free.