Hack Alert
This is getting a little ridiculous is it not? Every week there's a new hack. This time you're being warned that if you stayed at a Wyndham Hotels and Resorts property last year that you may want to monitor your credit card statements They are the "latest" victim, for lack of a better word, of a data breach which has compromised payment card information.
Here's the Press Release
Press Release
February 16, 2009
To our Wyndham Hotels and Resorts guests:
In mid-September, 2008, our company discovered that a sophisticated hacker penetrated the computer systems of one of the Wyndham Hotels and Resorts (WHR) franchised hotels. By going through the centralized network connection, the hacker was then able to access and download information from several, but not all, of the other WHR properties and create a unique file containing payment card information of a small percentage of our WHR customers. The incident did not affect any of the other branded hotels in the Wyndham Hotel Group system. We deeply regret that this incident occurred and are doing everything we can to notify our customers directly, to address and remedy the problem, and, more importantly, to ensure that it does not reoccur.
CLICK HERE FOR FAQS ABOUT THE INCIDENT.
In addition to ensuring that the hack was immediately terminated and disabled, we promptly retained a qualified investigator to assess the problem and ensure that we had isolated it, and then to help us implement the proper changes to strengthen and improve the security of our connections with each of our WHR branded properties. Further, each of the impacted properties separately brought in a qualified PCI investigative firm to assess and improve the security at each hotel property in the system.
To ensure our customers’ card numbers were protected, we provided each of the payment card companies (American Express, Visa, Mastercard and Discover) with the actual card numbers that were accessed so that these payment card companies could take such action as they deemed appropriate to monitor the use of the cards.
We also notified the Secret Service, as well as several states' attorneys general offices with information about the breach, and continue to work with law enforcement to assist in the investigations of this matter.
Because only payment card information was compromised, we had difficulty locating the names and addresses of the individual customers’ impacted. Undaunted, we contracted with secure third party consumer reporting agencies to match every active credit card in the United States with the consumer’s name and address and we personally provided notice to those individuals.
CLICK HERE FOR A COPY OF THE CONSUMER LETTER THAT WAS DELIVERED TO EACH IMPACTED CONSUMER.
Potentially exposed through this breach are guest and/or cardholder names and card numbers, expiration dates and other data from the card’s magnetic stripe. At this time, no criminal identity theft related to the use of the consumer data has been identified. Importantly, we believe that it is unlikely that identity theft will occur because of the limited amount of information that was compromised. Birthdates, SSNs, addresses or other personally identifying information were not kept by the hotels and therefore not part of the compromise. Nevertheless, we recommend that you regularly monitor your card and bank statements and that you promptly report all suspicious activity to the financial institution that issued your card.
CLICK HERE FOR A DESCRIPTION OF ACTIONS YOU CAN TAKE TO PROTECT YOUR CREDIT.
Wyndham prides itself on providing exceptional value for our guests. We deeply regret this incident occurred and we will work hard to restore your confidence in our brand.
Sincerely,
Kirsten Hotchkiss
This is getting a little ridiculous is it not? Every week there's a new hack. This time you're being warned that if you stayed at a Wyndham Hotels and Resorts property last year that you may want to monitor your credit card statements They are the "latest" victim, for lack of a better word, of a data breach which has compromised payment card information.
Here's the Press Release
Press Release
February 16, 2009
To our Wyndham Hotels and Resorts guests:
In mid-September, 2008, our company discovered that a sophisticated hacker penetrated the computer systems of one of the Wyndham Hotels and Resorts (WHR) franchised hotels. By going through the centralized network connection, the hacker was then able to access and download information from several, but not all, of the other WHR properties and create a unique file containing payment card information of a small percentage of our WHR customers. The incident did not affect any of the other branded hotels in the Wyndham Hotel Group system. We deeply regret that this incident occurred and are doing everything we can to notify our customers directly, to address and remedy the problem, and, more importantly, to ensure that it does not reoccur.
CLICK HERE FOR FAQS ABOUT THE INCIDENT.
In addition to ensuring that the hack was immediately terminated and disabled, we promptly retained a qualified investigator to assess the problem and ensure that we had isolated it, and then to help us implement the proper changes to strengthen and improve the security of our connections with each of our WHR branded properties. Further, each of the impacted properties separately brought in a qualified PCI investigative firm to assess and improve the security at each hotel property in the system.
To ensure our customers’ card numbers were protected, we provided each of the payment card companies (American Express, Visa, Mastercard and Discover) with the actual card numbers that were accessed so that these payment card companies could take such action as they deemed appropriate to monitor the use of the cards.
We also notified the Secret Service, as well as several states' attorneys general offices with information about the breach, and continue to work with law enforcement to assist in the investigations of this matter.
Because only payment card information was compromised, we had difficulty locating the names and addresses of the individual customers’ impacted. Undaunted, we contracted with secure third party consumer reporting agencies to match every active credit card in the United States with the consumer’s name and address and we personally provided notice to those individuals.
CLICK HERE FOR A COPY OF THE CONSUMER LETTER THAT WAS DELIVERED TO EACH IMPACTED CONSUMER.
Potentially exposed through this breach are guest and/or cardholder names and card numbers, expiration dates and other data from the card’s magnetic stripe. At this time, no criminal identity theft related to the use of the consumer data has been identified. Importantly, we believe that it is unlikely that identity theft will occur because of the limited amount of information that was compromised. Birthdates, SSNs, addresses or other personally identifying information were not kept by the hotels and therefore not part of the compromise. Nevertheless, we recommend that you regularly monitor your card and bank statements and that you promptly report all suspicious activity to the financial institution that issued your card.
CLICK HERE FOR A DESCRIPTION OF ACTIONS YOU CAN TAKE TO PROTECT YOUR CREDIT.
Wyndham prides itself on providing exceptional value for our guests. We deeply regret this incident occurred and we will work hard to restore your confidence in our brand.
Sincerely,
Kirsten Hotchkiss