Before Marriott: top three Atlanta breaches

Willie Sutton famously said that he robbed banks because that was where the money was, the same logic that today propels big-time thieves to attack company databases: it’s the digital tunnel to untold consumers wealth.

So, the huge data breach at Marriott is just the latest in a continuing string of massive compromise of consumer data.

Atlanta business is no stranger to the awkward, embarrassing and costly feeling of being hacked – whether for maliciousness or greed, local companies have been the targets of high profile digital theft.

The best-known three breaches of Atlanta-based companies:

-- Equifax: Revealed in September 2017, the breach turned Equifax from an obscure, yet pivotal player in the economy, into a household word – and not in a good way. The company was publicly shamed, not just for permitting the breach and seemingly procrastination telling Americans that they might need to protect their credit and their identities.

Recommended for you

Recommended for you

Recommended for you

Most read

  1. 1 Cops: Group worked together to steal $60K from Gwinnett bank customers
  2. 2 Fulton judge OKs class-action status for Georgia Power customers
  3. 3 UGA should not punish teaching assistant for acknowledging racism.

Information on more than 147 million Americans was accessed – although the scope of the theft was not clear at first

In fact, the hacking had been done months before. 

The news was followed by a firestorm of anger and investigations which have led to Congressional hearings, lawsuits against the company, charges of insider trading against several former executives and the departure of some higher ranking executives – albeit with multi-million dollar payouts.

Eventually, Equifax agreed to a consent order with regulators from eight states, including Georgia, that required the company to report on how it is improving security and to submit to reviews of its practices. Company stock took a hit, but no financial punishment was imposed on Equifax itself.

-- Home Depot:  Hackers got access to the data of roughly 56 million consumers in a cyber-attack on the computers of Home Depot in 2014.

The company eventually agreed to pay at least $19.5 million to compensate consumers who had been harmed by the breach. The retailer set up a $13 million fund to reimburse shoppers for losses, and spent at least $6.5 million to fund cardholder identity protection services. 

Home Depot faced class action suits and hundreds of millions of dollars in legal costs in proceedings that lingered for years.

The company did not admit wrongdoing or liability in agreeing to settle. 

The company said the breach affected people who used payment cards on its self-checkout terminals. 

-- Delta Air Lines: This past spring, Delta announced that it had suffered a breach of its online chat service. The company – one of the world’s largest carriers – said that information connected to “several hundred thousand customers” had been exposed. 

The breach took place in the fall of 2017, around the time that Equifax was being rhetorically lashed for its much larger breach.

Delta offered free credit monitoring for customers who were affected.


More from AJC