FTC sues Wyndham hotels over data breaches

Discussion in 'Travel Technology' started by sobore, Jun 26, 2012.  |  Print Topic

  1. sobore
    Original Member

    sobore Gold Member

    Messages:
    12,421
    Likes Received:
    33,847
    Status Points:
    16,520
    http://news.cnet.com/8301-1009_3-57460551-83/ftc-sues-wyndham-hotels-over-data-breaches/

    Hackers stole information from hundreds of thousands of payment cards, resulting in millions of dollars in fraud loss.

    The U.S. Federal Trade Commission has filed a lawsuit against hotel chain Wyndham Worldwide and three subsidiaries for alleged security failures that the agency says enabled hackers to access more than 600,000 payment card accounts in three data breaches in less than two years.
    The hackers exported the payment card account data to an Internet domain address registered in Russia, according to the FTC lawsuit (PDF).

    Read More: http://news.cnet.com/8301-1009_3-57460551-83/ftc-sues-wyndham-hotels-over-data-breaches/
     
  2. sobore
    Original Member

    sobore Gold Member

    Messages:
    12,421
    Likes Received:
    33,847
    Status Points:
    16,520
    http://www.tnooz.com/2012/07/02/new...ecurity-wake-up-call-for-the-travel-industry/

    Hotel chain lawsuit MUST BE a security wake-up call for the travel industry


    Last week, authorities in the US filed a lawsuit against Wyndham Worldwide, claiming the company and three subsidiaries failed to protect sensitive customer credit card data.
    The Federal Trade Commission is looking into why almost 600,000 credit card numbers including expiry and security codes, were stolen over a three year period in three separate data breaches, resulting in over $10 million in fraudulent losses to cardholders, banks, and credit card companies.
    But the biggest loss, I would argue, is a loss of consumer confidence that Wyndham – and the wider industry – might incur as a result of these breaches.
    In a recent post titled Credit card safety and cyber attacks in travel – everyone’s responsibility, I argued that protecting sensitive customer credit card data is paramount to maintaining consumer trust. In the Trustwave 2012 Global Security Report, hospitality ranked at the top of the list for data breaches for the fourth year in a row.

    So, in short, what the heck is going on?
    Don’t get me wrong, I fully understand that system security is probably not on the top of every hotelier’s skill sets but strong security practices should be built into every business process.
    Weak passwords and a laissez faire attitude towards property management system usernames and passwords should never be an excuse for a compromise.
    It doesn’t just happen in the hotel industry though. I can’t tell you how many times I’ve seen general computer users (regardless of industry) use weak passwords for logins into systems that are business critical.
    In the case of Wyndham and many other targets of cyber attacks, weak login credentials in property management systems are a key vector for data breaches.

    Read More: http://www.tnooz.com/2012/07/02/new...ecurity-wake-up-call-for-the-travel-industry/
     

Share This Page