Last updated: 08:48 PM ET, Wed December 09 2015

Wyndham Reaches Settlement with FTC on Data Breach Lawsuit

Hotel & Resort | Patrick Clarke | December 09, 2015

Wyndham Reaches Settlement with FTC on Data Breach Lawsuit

TravelPulse file photo

Wyndham Worldwide Corporation settled a lawsuit Wednesday with the Federal Trade Commission stemming from data breaches that occurred at some of the hotel group's properties between 2008 and 2010.

The group was the target of cyberattacks that allowed hackers to access customer information. Reuters reported that the FTC found the breaches led to more than $10.6 million in fraudulent charges.

As part of the terms of the settlement, Wyndham will not have to pay any monetary relief.

Meanwhile, Wyndham will be granted a Safe Harbor so long as it continues to meet the requirements for "reasonable information security" outlined in the FTC's consent order.

Keep in mind that the consent order only applies to payment card information. However the company's obligations under the consent order will last for two decades. 

"We are pleased to reach this settlement with the FTC, which does not hold Wyndham liable for any violations, nor require Wyndham to pay any monetary relief," the company said in a statement. "We chose to defend against this litigation based on our strong belief that we have had reasonable data security in place, and that the FTC's position could have had a negative impact on the franchise business model."

"This settlement resolves these issues, and sets a standard for what the government considers reasonable data security of payment card information. Safeguarding personal information remains a top priority for our company at a time when companies and government agencies are increasingly the targets of cyberattacks," Wyndham concluded.

"This settlement marks the end of a significant case in the FTC's efforts to protect consumers from the harm caused by unreasonable data security," FTC Chairwoman Edith Ramirez said in a statement via Reuters. "The court rulings in the case have affirmed the vital role the FTC plays in this important area."

As Ramirez pointed out, the case is notable as it's the first to establish data security standards.

Wyndham said that it cooperated fully with the FTC's investigation into the matter and had no indication that any hotel customers experienced financial loss as a result of the data breach. 

The settlement comes in the wake of recent data breaches impacting Hilton and Starwood properties.


You may use your Facebook account to add a comment, subject to Facebook's Terms of Service and Privacy Policy. Your Facebook information, including your name, photo & any other personal data you make public on Facebook will appear with your comment, and may be used on Click here to learn more.

Sandals Resorts: The 5-Star Luxury Included Resorts

Hotels & Resorts