Wyndham Hotels hacked again

Hackers breached one of the hotel group's datacentres

International hotel group Wyndham Hotels and Resorts has suffered yet another serious data breach after hackers broke into its computer systems and stole customer names and payment card information.

An open letter posted on the firm's site said that the hotel group discovered the attack on one of its datacentres in late January.

"By going through the centralised network connections, the hacker was able to access and download information from several, but not all, of the Wyndham hotels and remove payment card information of a small percentage of customers," read the letter.

"In addition to ensuring that the hack was immediately terminated and disabled, we promptly retained a qualified investigator to assess the problem and ensure that we had isolated it, and then to help us implement the proper changes to strengthen and improve the security of our connections with each of our branded properties."

The company also hired an investigation firm to assess and improve the security at "each hotel property in the system".

Wyndham also notified the US Secret Service and several state attorneys, and has provided the credit card companies with the numbers of all compromised cards so that they can monitor usage.

Understandably the hotel group tried to play down the significance of the breach, its third in a year.

"No criminal identity theft related to the use of the consumer data has been identified," the letter stated.

"Importantly, we believe that it is unlikely that identity theft will occur because of the limited amount of information that was compromised. Birthdates, social security numbers, addresses or other personally identifying information were not kept by the hotels and are therefore not part of the compromise."