Main Menu
Posts tagged security enforcement actions.

Last month the Federal Trade Commission filed a lawsuit against Wyndham Worldwide Corporations and three of its subsidiaries (“Wyndham”) in U.S. District Court in Arizona. The complaint alleges that Wyndham engaged in unfair and deceptive practices by failing to implement reasonable data security protections on computers used by independently owned Wyndham hotels and because the company’s public privacy policy misrepresented the security measures it actually employed to protect customer’s personal information. Specifically, the Commission alleged that Wyndham:

    • failed to use strong (and in some cases any) passwords to limit access to computer files;
    • failed to use firewalls to separate corporate and hotel computer systems;
    • improperly stored payment information in clear text;
    • failed to implement reasonable measures to detect security breaches;
    • failed to implement proper incident response procedures or  remedial steps after learning of a data breach; and
    • failed to adequately restrict access to company systems by third party vendors.

The claims stem from three separate data breaches over a period of two years in which hackers obtained the private information of more than 600,000 customers, which led to more than $10.6 million in fraudulent charges.

Search This Blog

Subscribe

RSS RSS Feed

About the Editor

Greg Duff founded and chairs Foster Garvey’s national Hospitality, Travel & Tourism group. His practice largely focuses on operations-oriented matters faced by hospitality industry members, including sales and marketing, distribution and e-commerce, procurement and technology. Greg also serves as counsel and legal advisor to many of the hospitality industry’s associations and trade groups, including AH&LA, HFTP and HSMAI.

Recent Posts

Topics

Select Category:

Archives

Select Month:

Contributors

Back to Page

We use cookies to improve your experience on our website. By continuing to use our website, you agree to the use of cookies. To learn more about how we use cookies, please see our Cookie Policy.