Court: FTC can sue companies for failing to protect customer data

Wyndham Worldwide Corp. must face a case against it from the Federal Trade Commission, a US appeals court has ruled. The case is in regards to Wyndham's alleged failure to protect its customers' data. In both 2008 and 2009, Wyndham suffered three cyberattacks that ultimately left in excess of 619,000 card accounts vulnerable. Many consumers were then hit with fraudulent charges after the Russian hackers behind the breach disseminated the stolen information.

The FTC accused Wyndham of failing to adequately protect its customers' data, and in March Wyndham hit back claiming it was being unfairly penalized and that the FTC was overstepping its reach. The appeals court ultimately sided with the FTC, saying that Wyndham's claim of the FTC's overreach was "alarmist to say the least," according to Bloomberg.

FTC Chairwoman Edith Ramirez said in a statement:

Today's Third Circuit Court of Appeals decision reaffirms the FTC's authority to hold companies accountable for failing to safeguard consumer data. It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information.

The ruling comes at a time when retailers of all sorts, as well as medical entities and government agencies, are suffering an increasing number of sophisticated and usually successful cyberattacks. The government itself recently disclosed a massive data grab by what is said to have been a collective of Chinese hackers.

SOURCE: Bloomberg