false

false false

1315 false 480000

249

2012-04-07T01:42:05Z

Hack

CCN NAA

2008-12-22 08:00:00 UTC Organization reports incident 2008-12-22 08:00:00 UTC Organization mails notifications 2008-08-01 00:00:00 UTC Incident Occurred 2008-09-12 00:00:00 UTC Incident discovered by organization

Outside

Wyndham Hotels & Resorts

1257

false

Wyndham Hotels

WYN

2012-04-07T01:56:49Z

Letter From Wyndham reporting credit card number, expiration date & possibly names were compromised

Ms Hotchkiss sent me a letter that was identical to the "John doe" letter referenced in the .pdf. Contrary to what Ms Hotchkiss writes in the letter, my credit card company has NOT been notified. Also, when calling the info line, you can get know helpful information like specifically what credit card was compromised (I was able to deduce my CC). Finally, the webiste listed for the equifax service is incorrect. 2009-01-02 01:12:14 UTC I received this letter as well. Seems to me that if they are able to pull my name, they could also have let me know which hotel I stayed at and when, as well as which credit card was compromised. I don't recall staying at a Wyndham so this could be difficult for me to figure out. 2009-01-05 10:16:11 UTC I also received this letter in December. My CC company is NOT notified. My one and the only stay at Wyndham in past 5 years was a stay at a Wyndham resort in Puerto Rico in Nov of 2007. I cannot get any more specific info from Wyhdham such as the cause of breach, the period being affected, or any other info other than the generic answer same as the letter. 2009-01-07 12:48:30 UTC I also got this letter. I'm not sure I ever stayed at a Wyndham. suspect this is an attempt to get people to register for equifax's service, which is not useful in any way -- it doesn't let you see your score or your report, and tries to get you to upgrade for a fee. Horrible. 2009-01-13 21:36:46 UTC I received this letter in December. I don't recall staying at a Wyndham property, but I'm not really interested in trying to decode when and where I might have stayed there. I am hesitant to give my SS# to the equifax website. 2009-01-14 09:44:41 UTC It's for sure a scam, I got a letter too but I didn't stay in any hotel during September so that alone let's me know. Also, did you check that cheap letter head? I checked it out online and saw the same letter sent to many people as well as a scam sent under the heading of Wyndham Time Share Resorts. Someone really has it in for Wyndham I suppose. 2009-01-15 14:13:41 UTC Short Answer: - The letter is valid - Information in the letter (URL, phone #, etc) is valid Long Answer: I also received a letter stating that there had been “a data security incident involving your personal information”. In the letter was a promotion code for a year of credit monitoring from Equifax free for a year. I did not feel comfortable with the URL in the letter (www.myservices.equifax.com/3in1alererts) so I called Wyndham directly. The Wyndham representative confirmed that the letter was valid and gave me phone number to call for more details. The phone number the rep gave me was the same one contained in the letter. I then went directly to Equifax as I still did not feel secure about the URL in the letter. After filling out the required information and verifying my identity, I tried to enter the promotion code given to me in the letter from Wyndham but it did not work. I called the number, referred to me by both a Wyndham rep and the letter. I asked if she could identify which credit card was at risk, but she said only her supervisor could look up that information and that I should expect a call within one to two days. I also asked about the promotion code for Equifax which did not work, and she said that they would get back to me with a valid code. I decided to check out the URL provided in the letter (www.myservices.equifax.com/3in1alererts). Once you click on the link to buy the “3 in 1” service it goes to the same URL (one of the parameters is different, however) that you would have gotten if you had started from Equifax.com. Since I had already created an account from Equifax, but did not enter payment information since the promotion code didn’t work, I gave the URL in the letter a try. The site recognized that the user ID I had just setup directly from Equifax.com was in use, so I conclude that the URL in letter is a legitimate Equifax URL. So, now I’m just waiting to hear back from Wyndham with a valid code for Equifax and details on the credit card which may have been compromised. 2009-01-16 13:27:10 UTC

Phoenix, AZ, USA

Phoenix Maricopa AZ US 33.4484 -112.074 4