Wyndham Worldwide's attempt to have a lawsuit by the US Federal Trade Commission (FTC) dismissed that would make the hotel chain liable for three data breaches over two years that exposed customer payment card information has failed.
Today, the Third U.S. Circuit Court of Appeals ruled that the FTC can move forward with its lawsuit that alleges Wyndam should be held responsible for leaving its customer data unprotected -- with no firewalling and out-of-date, vulnerable software. The agency is calling for the company to beef up security and provide reparations to customers as appropriate.
The ruling in effect gives the FTC the power to regulate the security practices of businesses.