Wyndham accused of lax security over customers' personal details

An official complaint has been filed in the US against Wyndham Hotels after hundreds of thousands of its customers' credit card details were posted on a Russian website.

The US Federal Trade Commission alleges that this is the third time in less than two years that the group's "lax" security policies have allowed hackers to access sensitive customer data, including credit card numbers and personal information.

In court documents filed in the US District Court of Arizona, it is claimed that Russian hackers were able to access more than 500,000 customer accounts on three separate occasions between 2008 and 2010.

The information was then used to rack up around £6.8 million in fraudulent credit card transactions.

According to the FTC, the hotel chain and three of its subsidiaries had failed to put the security measures in place, such as firewalls and complex user IDs and passwords.

In a statement, Wyndham's worldwide director of communications Michael Valentino said the chain would vigorously defend itself against the accusations.

"At the time of these incidents, we made prompt efforts to notify the hotel customers whose information may have been compromised, and offered them credit monitoring services," he said.

"To date, we have not received any indication that any hotel customer experienced a financial loss as a result of these attacks. Since these events, we have made significant enhancements to our information security, and have assisted franchised and managed Wyndham Hotels and Resorts-brand hotels in enhancing their information security."

Wyndham Hotel Group has 7,000 hotels worldwide under the brands Ramada, Super 8, Days Inn and Howard Johnson and others.