Wyndham Hotels & Resorts sued by FTC over data breach
We did wonder, did not we, as to how come hotels were never in the news for data breaches? They store a large amount of customer data and it is vulnerable. Well, the wait is over. Here is a news item which very much talks about a data breach which took place at a hotel chain and now the owner is being used.
Who let the ‘hotel data’ out?
The franchiser of Days Inn hotels and Super 8 motels, Wyndham Worldwide Corp. (WYN), was sued by the U.S. Federal Trade Commission due to security breaches that exposed information of more than 500,000 credit card customers. These data breaches led to fraudulent charges on customers’ accounts and the export of credit card information to an Internet domain address that was registered in Russia.
FTC’s statement
“Wyndham’s privacy policy misrepresented the security measures that the company and its subsidiaries took to protect consumers’ personal information,” the FTC said in a complaint filed today in federal court in Arizona. The breaches led to more than $10.6 million in “fraud losses,” the FTC said.
Comment by Wyndham spokesperson
“We regret the FTC’s recent decision to pursue litigation, as we have fully cooperated in its investigation and believe its claims are without merit,” Michael Valentino, a Wyndham spokesman, said in an e-mailed statement. Wyndham will fight the agency’s suit and doesn’t expect it to have a material impact on the company, he said.
Previous breaches at Wyndham
The first attack took place in 2008 where Intruders were able to install “memory-scraping malware” in the systems as well as find customer data stored in clearly readable text. A second attack took place in March 2009, when hackers hacked an administrator account in Wyndham’s Phoenix data center. The third attack on Wyndham was reported in late 2009. This time the hackers were able access the systems of multiple hotels.
About Wyndham Hotels
Wyndham is based out of Parsippany, New Jersey and licenses the Wyndham name to about 90 hotels under franchise and management agreements. As per the company report its first-quarter revenue rose about 9 percent to $1.04 billion, while net income fell 56 percent to $32 million due to early extinguishment charges related to debt tender offers. Since then the shares have gone up by 60 percent in the past year.
Alertsec can assist hotels and organizations in protecting data
This piece of post emphasises the importance to protect your identity these days, especially your e-identity i.e. digital identity. Credit cards, ATM cards, debit cards etc are more vulnerable than you know. Comapnies like Alertsec are here to protect your identities.
Alertsec Xpress uses Check Point Full Disk Encryption software. The software encrypts and decrypts data on the fly making it transparent to the user and to applications. One of the issues with traditional disk encryption software is that access time increases. In independent tests, Check Point Full Disk Encryption delivered the best performance results when compared with other major products on the market, with less than 2% degradation in disk performance.
