Â Last week,Â authorities in the US filed a lawsuit against Wyndham Worldwide,Â claiming the company and three subsidiaries failed to protect sensitive customer credit card data. The Federal Trade Commission is investigating the reasoning behind the data breaches of 600,000 credit card numbers including expiry and security codes, over a three year period in three separate data breaches, resulting in over $10 million in fraudulent losses to cardholders, banks, and credit card companies.
Consumer confidence in Wyndham, and the hotel industry in general, is threatened since losses might occur as a result of these breaches. Protecting sensitive customer credit card data is paramount to maintaining consumer trust. In the case of Wyndham and many other targets of cyber attacks, weak login credentials in property management systems are a key factor for data breaches.
According to the FTC, Wyndham Worldwide had many points of weakness in their security chain including; storing credit card information in plain text, storing sensitive security codes (aka CVV/CVS/CVC data), not using firewalls, not enforcing strong passwords, not using updated operating systems, and not having adequate logging.
The security breaches that resulted in the lax security measures at Wyndham could have happened to anyone. The safety and security of customer data is a critical issue, and needs to be a more pertinent matter on consumerâs minds. Data breaches are widespread, common, and can happen to anyone. By recognizing the seriousness of this issue, consumers make themselves less vulnerable to attacks.
Finkelstein Thompson routinely prosecutes consumer class actions on behalf of victims of such data breaches.