The U.S. Federal Trade Commission (FTC) has just sued a hotel chain for deceptive trade practices. Here’s what is alleged to have occurred.
Hackers repeatedly gained access to hotel guests’ credit card information. Of course, the credit cards were fraudulently billed. The credit card info was posted on a Russian website. So much for privacy.
The FTC contends that these acts meant the hotel engaged in deceptive and unfair practices.
Why?
The FTC claims that the hotel chain marketed and advertised to consumers the chain “had implemented reasonable and appropriate measures to protect personal information against unauthorized access.” However, the FTC contends the hotel chain “did not implement reasonable and appropriate measures to protect personal information against unauthorized access.”
It’s important to note that in addition to the FTC’s lawsuit against the hotel chain, the credit card companies, and the credit card holders may have additional claims they can bring for damages caused because of the fraudulent billings.
If you own a website that collects credit card and other personal information from clients, what are you doing to protect this data from hackers? Are you representing to the public that their information is secure?
These are issues that can’t be taken for granted, particularly when the FTC is willing to join the fight to protect consumers.