Skip Navigation

Close and don't show again.

Your browser is out of date.

You may not get the full experience here on National Journal.

Please upgrade your browser to any of the following supported browsers:

Reveal Navigation

FTC Sues Wyndham Hotel Chain Over Security Breaches FTC Sues Wyndham Hotel Chain Over Security Breaches FTC Sues Wyndham Hotel Chain Over Security Breaches FTC Sues Wyndham Hotel Ch...

share
This ad will end in seconds
Close X

Not a member? Learn More »

Forget Your Password?

Don't have an account? Register »

Reveal Navigation

 

Tech

FTC Sues Wyndham Hotel Chain Over Security Breaches

June 26, 2012

The Federal Trade Commission said Tuesday that it has filed a lawsuit against the hotel chain Wyndham Worldwide Corp., claiming inadequate security measures at the company and three of its subsidiaries led to three data breaches in less than two years.

In a complaint filed in U.S. district court in Arizona, the commission claimed that Wyndham's failure to secure customer data led to fraudulent charges on consumer accounts, costing millions of dollars and the transfer of hundreds of thousands of credit card numbers to hackers most likely based in Russia.

The FTC said the failure to properly secure customer data contradicted Wyndham's own privacy policies and violated the FTC Act's prohibition against unfair and deceptive practices.

The FTC alleges that Wyndham, which operates 7,200 hotels worldwide, failed to use proper security measures to protect customer data such as complex user IDs and passwords and firewalls.

The commission said that in the first security breach in April 2008, hackers accessed the local computer network of a Wyndham hotel in Phoenix. The intrusion allowed the hackers to gain access to the Wyndham Hotels and Resorts corporate network and install malware and access files containing payment account information. As a result, hackers gained access to more than a half-million payment card accounts and exported payment data to a website registered in Russia.

Despite this, the FTC said Wyndham and its subsidiaries failed to fix the security problems and as a result the hotel chain was hit with two more breaches in 2009 using similar techniques employed the first time.

"Defendants' failure to implement reasonable and appropriate security measures exposed consumers' personal information to unauthorized access, collection, and use," according to the complaint. "Such exposure of consumers' personal information has caused and is likely to cause substantial consumer injury, including financial injury, to consumers and businesses."

The commission urged the court to order Wyndham to stop engaging in the activities outlined in the lawsuit and award relief to those injured by the company's failure secure sensitive data.

Wyndham did not respond to a request for comment on the lawsuit.

The incident is just one of many reported in recent years involving major corporations and has prompted calls for Congress to require companies to do more to prevent and respond to security breaches. Several bills have been introduced in Congress but so far lawmakers have yet to move any legislation beyond the committee level.

You May Find These of Interest
Get us in your feed.
Job Board
Search Jobs
Watershed Resources Specialist
American Society of Civil Engineers | San Francisco, CA
Project Manager II
American Society of Civil Engineers | Memphis, TN
Manager of Engineering
American Society of Civil Engineers | Berkeley, CA
Mechanical Engineer - Dallas, TX
American Society of Civil Engineers | Dallas, TX
SENIOR STRUCTURAL ENGINEER / ENGINEERING PRODUCTION MANAGER
American Society of Civil Engineers | Boulder, CO
Senior GCP Auditor
American Society of Civil Engineers | San Francisco, CA
Structural Engineer
American Society of Civil Engineers | Orlando, FL
Construction Engineering
American Society of Civil Engineers | Chicago, IL
Concrete Testing Technician & Special Inspectors
American Society of Civil Engineers | New York, NY
SharePoint Specialist - Englewood, CO
American Society of Civil Engineers | Englewood, CO
Construction Engineer
American Society of Civil Engineers | Cleveland, OH
Rail Vehicle Mechanical Engineer - Elmira, NY
American Society of Civil Engineers | Philadelphia, PA
Structural Engineer
American Society of Civil Engineers | Chicago, IL
Engineering Manager
American Society of Civil Engineers | Springfield, VA