Wyndham’s former director of security compliance says many Super 8 hotels not PCI DSS compliant

I initially thought I’d just skip posting an article on Consumer Reports that seemed to just be a re-hash of what we knew already about the FTC case against Wyndham. But then I came to this statement:

Now, David Durko, former director of Wyndham’s security compliance management, says that many independently owned and operated Wyndham hotels doing business under the Super 8 brand name don’t comply with Payment Card Industry Data Security Standards.

Durko says the Wyndham Hotel Group hired him in response to the three breaches that became the focus of the FTC complaint. He worked there for a year and a half as a PCI consultant, then for another two years as director of security compliance, according to his LinkedIn profile. Durko says he and Wyndham parted on amicable terms.

Read more on Consumer Reports.

Wyndham did not respond to an e-mail request for a comment or response to Mr. Durko’s reported claims.l

About the author: Dissent

Comments are closed.