U.S. Democrat Senators Mark Warne, Ed Markey, and Richard Blumenthal published statements asking for the passage of data security and consumer privacy legislation by the Congress following the Marriot International hotel chain breach.
The Marriott hotel chain disclosed a huge data breach on November 30 which affected 500 million customers who had their data stored in the chain's Starwood guest reservation database.
Moreover, the massive security breach happened in 2014, and Marriot found out about it on September 10 following an internal security alert regarding an attempt to access the Starwood reservation database.
"Breaches like this can lead to identity theft and crippling financial fraud. They are a black cloud hanging over the United States’ bright economic horizon. The American people deserve real action," said Senator Markey.
"It’s time for Congress to pass comprehensive consumer privacy and data security legislation that requires companies to adhere to strong data security standards, directs them to only collect the data they actually need to service their customer, and creates penalties for companies that fail to meet them."
The senators asked for legislation targeted at both customers' data protection and data breach penalties
Senator Warner also requested for new legislation to be passed that will require companies to limit the amount of data they collect from their customers, as well as remove the sensitive data they no longer use from their databases.
Furthermore, Warner added that "it is past time we enact data security laws that ensure companies account for security costs rather than making their consumers shoulder the burden and harms resulting from these lapses."
U.S. Senator Blumenthal also commented on the Marriot data breach, saying that the failure to protect the sensitive data it was entrusted with by its customers highly increases their risk of being targeted by future identity theft and financial attacks.
"The apparent failure to detect and remove hackers from its systems for four years calls into question whether Marriott took the security and privacy of its customers seriously," argued Blumenthal according to CNET.
U.S. Senator Charles Ellis 'Chuck' Schumer also published a statement today saying that Marriot should pay the $110 bill for the new passports the affected customers will have to request following the data breach.