According to a research report by Symantec Corp, on an average two out of three hotels leak the guests booking details. The study took a sample of 1500 hotel’s websites from 54 countries.
Anyhow, Marriott was not included in the study. Data that got breached includes full names, email addresses, credit card details and passport numbers of the customers which pose a definite threat to their digital assets and identities. Especially if these travelers are Government officials (their moments are always on the check and their lives at risk) their data can be used for serious cyber-crimes. It can also put countries at risk.
When notified regarding the issue by investigator Candid Wueest 25% of the data privacy officers at the affected hotel sites responded within 6 weeks to e-mail. Only a few accepted the loophole in the system and told Wueest that the companies were working on GDPR.