By Todd Sperry, CNN <\/p>\n
updated 6:54 PM EDT, Tue June 26, 2012 <\/p>\n
STORY HIGHLIGHTS <\/p>\n
Washington (CNN) -- The federal government filed suit Tuesday against Wyndham Hotels after sensitive customer data, including credit card numbers and personal information, allegedly were stolen three times in less than two years. <\/p>\n
In court documents, the Federal Trade Commission alleges Wyndham Hotels' lax security policies allowed Russian hackers to access more than 500,000 customer accounts on three separate occasions between 2008 and 2010. Hackers used the data to rack up more than $10.6 million in fraudulent credit card transactions, according to the suit filed in the U.S. District Court of Arizona. <\/p>\n
The security breaches involved Wyndham's Phoenix, Arizona, data center, the main hub where the company stores and transfers data between its corporate headquarters and affiliates. <\/p>\n
By gaining access to the Arizona data center, hackers were able to install \"phishing\" software on numerous Wyndham servers around the world and gain access to customer data, the FTC's lawsuit alleges. <\/p>\n
\"At the time of these incidents, we made prompt efforts to notify the hotel customers whose information may have been compromised, and offered them credit monitoring services,\" Michael Valentino, Wyndham's worldwide director of communications, said in a statement to CNN. <\/p>\n
But Wyndham failed to take proper security measures even after the company was aware of a security breach, according to the FTC's complaint. The FTC said Wyndham should have instituted complex user IDs and passwords, and fixed software that stored the company's customer credit card data in clear readable text. Wyndham didn't make the fixes, the government alleges, and the hackers were able to gain access to servers on two more occasions. <\/p>\n
\"Even after faulty security led to one breach ... Wyndham still failed to remedy known security vulnerabilities; failed to employ reasonable measures to detect unauthorized access; failed to follow proper incident response procedures,\" the FTC said in a statement announcing the suit. <\/p>\n<\/p>\n
See the original post:<\/p>\n
Feds sue Wyndham Hotels over repeated computer hacks<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" By Todd Sperry, CNN updated 6:54 PM EDT, Tue June 26, 2012 STORY HIGHLIGHTS Washington (CNN) -- The federal government filed suit Tuesday against Wyndham Hotels after sensitive customer data, including credit card numbers and personal information, allegedly were stolen three times in less than two years. Continue reading