In a unanimous ruling, the US Federal Trade Commission decided to file suit against Wyndham for data breaches at its hotels.
The FTC alleges failures to implement the organizations policies led to fraudulent charges being billed to consumers’ accounts, millions of dollars in losses, and the export of cardholders account information to an Internet domain address registered in Russia.
According to the FTC, more than 500,000 consumers’ accounts were compromised through a memory-scrapping technique that employed embedded malware installed onto IT servers located at numerous Wyndham hotel properties.
The activities are alleged to have occurred in 2009 and the theft and fraudulent use of customers’ credit card data is alleged to have been enabled by credit card account information stored in clear-text on the Wyndham servers where malware was installed by the perpetrators.
See more on this at the following:
FTC files suit against Wyndham Hotels
Hotelier faces FTC data breach lawsuit
FTC hits Wyndham with lawsuit