FTC sues Wyndham Hotels after three credit card breaches
The Federal Trade Commission is suing a major hotel chain and its subsidiaries for allegedly failing to secure the financial information of its guests, which led to fraudulent charges of more than $10 million and the siphoning out of hundreds of thousands of credit card numbers.
The complaint (PDF), announced Tuesday, centers on the fact that New Jersey-based Wyndham Worldwide Corp. experienced three data breaches in under three years. In each case, the intruders made off with financial information by breaching the company's Phoenix data center.
The FTC alleges that Wyndham, which operates 7,200 hotels and 93,000 vacation properties worldwide, and its three subsidiaries -- Wyndham Hotel Group, Wyndham Hotels and Resorts, LLC, Wyndham Hotel Management -- "misrepresented the security measures that the company and its subsidiaries took to protect consumers' personal information and that its failure to safeguard personal information caused substantial consumer injury."