The Wyndham chain of hotels is being charged with failure to protect it’s customers financial data.
June 27, 2012- On Tuesday, the Federal Trade Commission filed a complaint against the hotel chain Wyndham Worldwide Corp along with three of its subsidiaries. The complaint alleges that the hospitality company’s failure to safeguard personal data of its customers led to fraud that has cost more than $10 million.
The FTC said the company repeatedly failed to secure private data that led to payment card information of hundreds of thousands of people to be exported to a domain address on the Internet that was registered somewhere in Russia. Wyndham, which has several different hotel brands, including Super 8 and Days Inn that are value-oriented properties, is one of many organizations that have acknowledged in the last three years they were hacked by those seeking intellectual property or financial gain.
The FTC, in this complaint said the charges on consumer accounts with Wyndham that are fraudulent totalled over $10.6 million following data breaches that took place on three occasions over less than a two-year period. The breaches took place in April of 2008, March of 2009 and sometime late in 2009.
The complaint said that even after the first breach took place due to faulty security, Wyndham failed to remedy the security vulnerabilities, failed to implement reasonable measures to detect when unauthorized access occurred and failed in providing proper incident respond protocol.