Even after faulty security led to one breach, the FTC charged, Wyndham still failed to remedy known security vulnerabilities; failed to employ reasonable measures to detect unauthorized access; and failed to follow proper incident response procedures. As a result, Wyndham's security was breached two more times in less than two years.
The breach let scammers:
• Install "memory-scraping" malware on numerous Wyndham-branded hotels' property management system servers.
• Access files on Wyndham-branded hotels' property management system servers that contained payment card account information for large numbers of consumers, which was improperly stored in clear readable text.
• Ultimately, the breach led to the compromise of more than 500,000 payment card accounts, and the export of hundreds of thousands of consumers' payment card account numbers to a domain registered in Russia.
In May, the FBI warned travelers there had been an uptick in malicious software infecting laptops and other devices linked to hotel Internet connections. The FBI wasn't specific about any particular hotel chain, nor the software involved but stated: "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms."
The FBI recommended that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor's website if updates are necessary while abroad."
The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.
Read more about wide area network in Network World's Wide Area Network section.