Wyndham Vacation Ownership Acknowledges Data Breach
A former telephone representative may have collected customers' credit card numbers for use in fraud.
In a letter [PDF file] sent to Maryland attorney general Jeff Karberg, dated March 12, 2013, Stratis Pridgeon, group vice president for legal services at Wyndham Vacation Ownership, stated that the personal information of two Maryland residents had been inappropriately accessed by a former employee (h/t DataBreaches.net).
According to the letter, on or about January 18, 2013, the Orlando, Fla. Police Department informed the company that a Wyndham employee had been arrested in connection with fraudulent credit card purchases.
"Wyndham terminated the individual's employment the following day," Pridgeon wrote in the letter. "After an investigation in conjunction with the Orlando Police Department, Wyndham determined that the former employee may have obtained credit card number(s) of two (2) Maryland residents through telephone calls the individual handled as a telephone agent, which the individual maintained on a handwritten ledger."
It's not clear from the letter how many residents of other states may have been affected by the former employee's actions. All affected customers are being offered two years of free identity and credit protection from Equifax.