Please ensure Javascript is enabled for purposes of website accessibility

Marriott data breach cases consolidated in Maryland

A federal judge in Greenbelt will oversee centralized pretrial proceedings in dozens of lawsuits against Marriott International Inc. over a massive data breach the company reported last year.

The lawsuits generally allege there was unauthorized access for four years to reservation systems used by Starwood Hotels & Resorts Worldwide Inc., acquired by Marriott in 2016, allowing hackers to compile customer data such as credit card and passport numbers. The plaintiffs claim Marriott failed to put reasonable protections in place and did not notify the public in a timely manner.

marriott-interntional-logo-310Several plaintiffs filed motions to centralize the cases as multidistrict litigation to allow a single court to coordinate pretrial motions and discovery. The Bethesda-based Marriott generally supported centralization in U.S. District Court Maryland, where many lawsuits have already been filed.

The panel overseeing multidistrict litigation issued an order Feb. 6 transferring the cases to Greenbelt, where they were assigned to Judge Paul W. Grimm. At the time, 11 actions were pending in five districts around the country. As of Feb. 15, 50 cases have been transferred.

“We select the District of Maryland as the transferee district for this litigation,” Louisiana U.S. District Judge Sarah S. Vance wrote on behalf of the panel. “Marriott is headquartered in that district and relevant documents and witnesses thus likely will be found there. Defendants and the vast majority of responding plaintiffs support selection of this district, and far more actions are pending there than in any other district.”

Grimm issued a case management order Feb. 13 scheduling a hearing for April 5, at which he will discuss the appointment of lead counsel and a plaintiffs’ steering committee for the case. Lead counsel will coordinate with the other attorneys and communicate with the court.

The consolidation affects only pretrial proceedings currently and does not mean the cases will be tried together.

The case is In re: Marriott International Customer Data Security Breach Litigation, 8:19-cv-00367.

To purchase a reprint of this article, contact