Wyndham Hotels Hacked Again

Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data.

The break-in occurred between late October 2009 and January 2010, when it was finally discovered. It affected an undisclosed number of company franchisees and hotel properties that Wyndham manages. Wyndham has acknowledged the incident in a note posted to its Web site.

"A hacker intruded on our systems and accessed customers information from a limited number of franchised and managed properties," the company said. "The hacker was able to move some information to an off-site URL before we discovered the intrusion."

Hackers were able to steal data required for credit card fraud, the company said, including "guest names and card numbers, expiration dates and other data from the card's magnetic stripe."

Wyndham did not say how many hotels were hacked or how many customers were affected. The company did not return messages seeking comment Friday.

This is the third data breach reported by Wyndham in the past year. Last February, Wyndham said that hackers stole tens of thousands of credit card numbers between July and August 2008.

In that case, criminals hacked into a Wyndham franchisee and then stole data from a central company server.

Wyndham, which operates Days Inn, Ramada and Super 8 motels, warned customers of a second breach in August 2009.

The company has not yet notified victims of this latest incident, but expects to begin doing so by the end of March, when it has concluded the investigation.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Security Watch Newsletter