The hard-fought cybersecurity case Federal Trade Commission v. Wyndham Worldwide Corp. has been resolved. For the next 20 years, Wyndham, a holding company for Wyndham hotels and other lodging brands, has agreed to perform annual security audits that conform to the Payment Card Industry Data Security Standard, certify the networks of its franchisees, engage an auditor to perform a formal risk assessment process that will analyze the security risks that the company faces, and notify the FTC in the event of a breach of more than 10,000 credit card numbers.
By way of background, during 2008 and 2009 hackers compromised the hotel chain’s security system and through that breach over $10 million in fraudulent charges were levied against customers whose credit card information had been disclosed to the hotel. The FTC commenced an administrative action against the chain, alleging that the company failed to adequately protect consumer data under the section of the U.S. code that prohibits “unfair or deceptive acts or practices in or affecting commerce.” This code has been used For the full article click here
from cyber security caucus http://ift.tt/20s9CzV
via IFTTT
No comments:
Post a Comment