- The Federal Trade Commission settled a lawsuit accusing hotel group Wyndham Worldwide Corp of failing to properly safeguard customer information.
- In August a U.S. appeals court ruled that the FTC could proceed with the lawsuit accusing Wyndham Worldwide Corp of failing to properly safeguard consumers' information.
- The case arose from three data breaches in 2008 and 2009 that affected more than 619,000 customers and lead to over $10.6 million in fraudulent charges.
The FTC order will require Wyndham to establish a comprehensive information security program to protect cardholder data.
"It should send a message of comfort to the business community and consumers that the FTC has now published its expectations for what companies must do," said Scott McLester, Wyndham's general counsel.
The company was not required to admit wrongdoing or pay a fine.
"This settlement marks the end of a significant case in the FTC's efforts to protect consumers from the harm caused by unreasonable data security," FTC Chairwoman Edith Ramirez said in a statement. "The court rulings in the case have affirmed the vital role the FTC plays in this important area."
Wyndham's brands include Days Inn, Howard Johnson, Ramada, Super 8 and Travelodge, as well as Wyndham.