Posted by: Arian Eigen Heald
Data Breaches, data security, information security
Comes the latest news via CSOOnline:
Wyndham Hotels and Resorts experienced a computer security incident in late 2009. As a result of that incident, an unauthorized user may have gained access to credit card numbers and certain associated information. As soon as the incident was identified, the perpetrator’s access was quickly isolated and contained. We believe a maximum of 37 Wyndham Hotel and Resorts branded properties may have been affected for various windows of time during the period between October 25, 2009 and January 29, 2010.
This is rather different from the announcement on their web page:
In late January, 2010, our company discovered that a sophisticated hacker penetrated the computer systems of one of the Wyndham Hotels and Resorts (WHR) data centers. By going through the centralized network connections, the hacker was then able to access and download information from several, but not all, of the WHR hotels and remove payment card information of a small percentage of our WHR customers. The incident did not affect any of the other branded hotels in the Wyndham Hotel Group system.
If you delve into their FAQ page, the information concerning the dates is made clear. I guess they didn’t want to say somebody was in their system for 3-4 months on the announcement page.
I guess the Ramada, Days Inn and Super 8 customers can rest easy. It was only the high-end hotels.