Skip Navigation

Close and don't show again.

Your browser is out of date.

You may not get the full experience here on National Journal.

Please upgrade your browser to any of the following supported browsers:

FTC Sues Wyndham Hotel Chain Over Security Breaches FTC Sues Wyndham Hotel Chain Over Security Breaches

This ad will end in seconds
Close X

Not a member? Learn More »

Forget Your Password?

Don't have an account? Register »

Reveal Navigation

 

Tech

FTC Sues Wyndham Hotel Chain Over Security Breaches

June 26, 2012

The Federal Trade Commission said Tuesday that it has filed a lawsuit against the hotel chain Wyndham Worldwide Corp., claiming inadequate security measures at the company and three of its subsidiaries led to three data breaches in less than two years.

In a complaint filed in U.S. district court in Arizona, the commission claimed that Wyndham's failure to secure customer data led to fraudulent charges on consumer accounts, costing millions of dollars and the transfer of hundreds of thousands of credit card numbers to hackers most likely based in Russia.

The FTC said the failure to properly secure customer data contradicted Wyndham's own privacy policies and violated the FTC Act's prohibition against unfair and deceptive practices.

The FTC alleges that Wyndham, which operates 7,200 hotels worldwide, failed to use proper security measures to protect customer data such as complex user IDs and passwords and firewalls.

The commission said that in the first security breach in April 2008, hackers accessed the local computer network of a Wyndham hotel in Phoenix. The intrusion allowed the hackers to gain access to the Wyndham Hotels and Resorts corporate network and install malware and access files containing payment account information. As a result, hackers gained access to more than a half-million payment card accounts and exported payment data to a website registered in Russia.

Despite this, the FTC said Wyndham and its subsidiaries failed to fix the security problems and as a result the hotel chain was hit with two more breaches in 2009 using similar techniques employed the first time.

"Defendants' failure to implement reasonable and appropriate security measures exposed consumers' personal information to unauthorized access, collection, and use," according to the complaint. "Such exposure of consumers' personal information has caused and is likely to cause substantial consumer injury, including financial injury, to consumers and businesses."

The commission urged the court to order Wyndham to stop engaging in the activities outlined in the lawsuit and award relief to those injured by the company's failure secure sensitive data.

Wyndham did not respond to a request for comment on the lawsuit.

The incident is just one of many reported in recent years involving major corporations and has prompted calls for Congress to require companies to do more to prevent and respond to security breaches. Several bills have been introduced in Congress but so far lawmakers have yet to move any legislation beyond the committee level.

LIKE THIS STORY? Sign up for Tech Edge

Sign up for our daily newsletter and stay on top of tech coverage.

Sign up form for Tech Edge
Job Board
Search Jobs
Security Alarm Tech/Electrician
Lockheed Martin | Fairfax, VA
Systems Engineer Stf
Lockheed Martin | Washington, DC
Sharepoint Developer
Lockheed Martin | Tampa, FL
Intelligence Analyst Stf
Lockheed Martin | Springfield, VA
Info Assurance Engineer Sr
Lockheed Martin | Glen Allen, VA
Sr. Software Engineer
Lockheed Martin | Herndon, VA
Technical Service Engr Asc Mgr
Lockheed Martin | Herndon, VA
Software Engineer Sr
Lockheed Martin | King of Prussia, PA
Aircraft Maintenance Asc Mgr
Lockheed Martin | Warner Robins, GA
Software Engineer Sr Stf
Lockheed Martin | Herndon, VA
Software Engineer Sr Stf
Lockheed Martin | Herndon, VA
Proposal Analysis Mgr
Lockheed Martin | Herndon, VA
Maintenance Program Management Mgr
Lockheed Martin | Patrick AFB, FL
Assessment Engineer
Lockheed Martin | Bethesda, MD
Info Assurance Engineer Sr
Lockheed Martin | Bethesda, MD
Comments
comments powered by Disqus