In 2008 and 2009, Wyndham Worldwide Corp. was hacked three
separate times, exposing more than 619,000 customer credit cards to more than
$10.6 million in fraudulent charges. As a result, the US Federal Trade
Commission sued the hotel chain for failing to take reasonable steps to protect
consumer information.
Wyndham claimed it hired five different security consulting
groups to audit its systems, but that none were able to find and fix the
security hole that let the hackers into the company's systems. Wyndham's
lawyers argued that these were reasonable steps, even though they were
ultimately unsuccessful, but an appeals court ruled
in August that the FTC could proceed in bringing enforcement action against
the chain.
This suggests that in the future, the bar for doing enough
to keep your customers' data safe is going to rise. If you aren't sure whether
you need to do more, download our guide to "The 5 Critical Elements of Risk Assessment" and call us for a security
audit.
No comments:
Post a Comment