Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data.
The break-in occurred between late October 2009 and January 2010, when it was finally discovered. It affected an undisclosed number of company franchisees and hotel properties that Wyndham manages. Wyndham has acknowledged the incident in a note posted to its Web site.
“A hacker intruded on our systems and accessed customers information from a limited number of franchised and managed properties,” the company said. “The hacker was able to move some information to an off-site URL before we discovered the intrusion.”
Hackers were able to steal data required for credit card fraud, the company said, including “guest names and card numbers, expiration dates and other data from the card’s magnetic stripe.”
Wyndham did not say how many hotels were hacked or how many customers were affected. The company did not return messages seeking comment Friday.
This is the third data breach reported by Wyndham in the past year. Last February, Wyndham said that hackers stole tens of thousands of credit card numbers between July and August 2008.
In that case, criminals hacked into a Wyndham franchisee and then stole data from a central company server.
Wyndham, which operates Days Inn, Ramada and Super 8 motels, warned customers of a second breach in August 2009.
The company has not yet notified victims of this latest incident, but expects to begin doing so by the end of March, when it has concluded the investigation.