Wyndham Hotels and Resorts this week is notifying customers for the second time in two years that hackers somehow managed to infiltrate its computer systems, accessing a "small percentage" of customers' payment card data.
Wyndham (NYSE: WHR) officials said that the compromised data included cardholder names and numbers, expiration dates and other information that could be extracted from the credit or debit cards' magnetic strips. Social security numbers, addresses and other key personal data were not exposed.
"We deeply regret that this incident occurred and are doing everything we can to notify our customers directly, to address and remedy the problem," Wyndham said in an open letter to customers last month.
In September 2008, Wyndham reported that hackers wormed their way into the company's computer systems, extracting data from several of its properties and creating a unique file containing payment card information of roughly 21,000 customers.
This time around, Wyndham said that it provided the major credit card companies with the actual card numbers of those customers affected in this latest breach so that the likes of American Express, Visa, MasterCard and Discover can take action "as they deem appropriate" to monitor the use of the cards.
The company has also retained an investigative service provider to assess the problem and help implement improved security procedures at all Wyndham properties.
"We also notified the Secret Service, as well as several states' attorneys general offices with information about the breach, and continue to work with law enforcement to assist in the investigations of this matter," company officials said.
While no unusual activity has been reported on any of the exposed credit card accounts, Wyndham will offer free credit card monitoring services to the affected customers.
Data breaches of this type have become common in the past few years as hackers have grown more organized and sophisticated in their attacks.
Just last month, security software vendor Symantec reported that 75 percent of businesses have endured some type of cyber attack in the past year. Of this group, 36 percent reported that the attacks -- hacking, phishing and identity theft -- were "highly effective."