Federal judge orders Marriott to release forensic report from Starwood data breach

Federal judge orders Marriott to release forensic report from Starwood data breach

The federal judge overseeing a shareholder lawsuit against Marriott stemming from the mega data breach at its Starwood unit has ordered the companies to release key documents surrounding the incident, including a third-party forensic report that could shed light on lapses leading to the massive hack of customer data.

The breach, which exposed personal information of at least 300 million Starwood lodging guests over a period of several years, came to light in 2018 and is one of the largest data hacks on record.

US District Judge Paul Grimm in Maryland granted a motion filed by noted investor firm Labaton Sucharow, which had petitioned the court to unseal the so-called PFI report โ€“ a Payment Card Industry Forensic Investigative Report that Marriott had sought to keep from public scrutiny.

โ€œBecause defendants have not met their burden to overcome the First Amendment right to access, the motion to unseal is granted,โ€ Judge Grimm wrote, adding that the report will be subject to โ€œnarrowly tailored redactionsโ€ if defendants can prove they threaten any existing operational database systems.

Judge Grimm noted that shareholdersโ€™ request to release the report โ€œdoes not run afoulโ€ of rules governing a stay of discovery in the case and that โ€œthere is a First Amendment right to access portions of the PFI report and pleadings that cannot be shown to constitute a particularly identified, non-speculative harm.โ€ He also challenged Marriottโ€™s argument that disclosing parts of the report could jeopardize ongoing investigations into the breach, concluding โ€œthe record before me fails to do so.โ€

Labaton had filed its motion to unseal the documents in mid-August.

About the author

Avatar of Chief Assignment Editor

Chief Assignment Editor

Chief Assignment editor is Oleg Siziakov

Share to...