Morgan & Morgan sued Marriott International in federal court a day after the hotel chain announced it was the victim of another data breach affecting millions of customers.

Attorneys with Morgan & Morgan in Tampa filed the proposed class action in the District of Maryland. The suit, Springmeyer v. Marriott International, lists Las Vegas resident Pati Springmeyer as class representative and alleges the company failed to take required steps to protect its customers' data.

"These large companies know the risk posed by cyber criminals and continue to be cavalier with their customers' personal information. It's stunning that Marriott, which is already defending a significant data breach, we allege, would not have taken more care to secure its customers' information," Morgan & Morgan attorneys John Morgan and John Yanchunis said in a statement. "The fact that this breach comes less than two years after the first one we know about is damning, and they must be held accountable."

A spokeswoman for Marriott had no comment by deadline.

The lawsuit was filed in the wake of Marriott's announcement Tuesday that it had been the victim of another data intrusion, one that could affect as many as 5.2 million people. The company said the breach was discovered at the end of February after learning the login credentials of two employees had been compromised. The company said it believes the intrusion began in mid-January.

In its announcement, the company said personal identification information, including people's names, mailing addresses, email addresses, birth dates and phone numbers, were likely exposed, as well as information from their loyalty accounts with the hotel and some airlines.

The news comes less than 18 months after the company announced it had been subject to an even wider data breach. In November 2018, the company said the personal data of 500 million guests of its Starwood Hotels and Resorts Worldwide properties had been compromised.

Marriott has since lowered that figure to fewer than 383 million, but the information that was potentially exposed in that breach included passport numbers and credit card information — both of which Marriott said were not likely to have been exposed in the latest breach.

Dozens of lawsuits were filed in the wake of the initial breach, which has been litigated in federal court in Maryland, where the international hotel chain is headquartered.

In the 34-page complaint over the recent breach, Springmeyer contended the hotel chain failed to take required steps to safeguard customer information, and should have been well aware of its responsibilities, given the prior breach.

"Marriott made significant expenditures to market its hotels and hospitality services, but neglected to adequately invest in data security, despite the growing number of data intrusions and several years of well-publicized data breaches, including its own massive breach a little over a year ago," the complaint said.

Springmeyer said that, since the breach, she has been monitoring her accounts for any misuse of her information.

The suit alleges negligence, breaches of contract and confidence, and violation of Maryland's Consumer Protection Act.

The case was filed by Yanchunis, Jean Martin and Ryan McGee as well as William Murphy III of Murphy, Falcon & Murphy in Baltimore.

Yanchunis is a data breach litigation veteran after filing the first class action over the original Marriott breach and playing early or leading roles in breach cases against Yahoo, Facebook, Capital One, SunTrust and Exactis cases.

READ THE COMPLAINT: