Wyndham Not Winning in the Game to Protect Customer Data?

It’s no secret that there are many credit card scams, especially when you are travelling and that you have to keep your credit card close by and watch who and when you provide it to anything from restaurants to resorts.  It’s also important to carefully review your charges, both on your room and when you return from travel, to make sure that you haven’t been “charged” with credit card fraud.  But most people would hope that our credit card information would be safe, especially from some of the biggest and so called best hotels and resort companies in the world.  But recently the FTC has filed suit against Wyndham Worldwide, owner of hotels such as Ramada Days Inn, Travelodge, Super 8 and Howard Johnson and resorts around the world as well as time share/vacation ownership participating providers.

This week ,the FTC filed a lawsuit against Wyndham Worldwide as a result of breaches in their security systems that led to hundreds of thousands of customers credit card information being released or stolen by an Internet domain located in Russia. However, that is not the only problem that the FTC has allegedly discovered.  The complaint also alleges that Wyndham has not taken appropriate security measures, making theft and fraud that much easier. (See the entire complaint)  Last, but not least, Wyndham is accused of further creating problems for their customers by not being truthful about their security measures and misrepresented the company security policy.

It is alleged that security measures were lax including the lack of complex user names and passwords, firewalls, network segmentation and that credit card numbers were stored in plain text.

This is not a new charge against Wyndham.  Continue reading Wyndham Not Winning in the Game to Protect Customer Data?

Credit Card Complaint Database Available to Public

Did you ever wish you could find out what people really had to say about their credit cards, both the good and the bad?   Have you ever wished you could check out official complaints about credit cards before actually applying for them?   If you have then you will be interested in a new official government database which is now available to the public which offers you the opportunity to “read all about it” when it comes to complaints about credit cards.

The credit card complaint database is offered by the Consumer Financial Protection Bureau. Information is updated daily, so you don’t have to worry about searching through online reviews for the most recent information about a credit card you currently use or or are considering using.  The complaints are not confirmed for accuracy, but the relationship between the consumer and the credit card is confirmed for accuracy.

To make your search easier you can search according to issues or even zip code.  Easy to read graphs are available as search results.

The is some “fine print” to the database information including:

  • limited to first credit card complaints received since June 1 for banks with more than $10 billion in assets.
  • it is currently in its beta version and it plans to expand to bigger banks by the end of 2012.
  • checks not only to determine a relationship between the credit and credit card holder but also to see if duplicate grievances are being filed.
  • hopes to expand to include mortgages and other financial product complaints,  not just credit cards.
  • The credit card companies are required to respond within 15 days and to close the complaint with an action in 60 days.
  • The database includes the type of complaint, the complainant’s ZIP code, the name of the company, and a description of what action, if any, the company took in response.

The banking industry of course is against the complaint database being made public citing privacy issues as well as the ability of “just anyone” to “tarnish” the name of banks or credit cards. In an recent Fox News article Richard Hunt, president of the Consumer Bankers Association, said “Why publish the amount of complaints against a specific company when there are many complaints that at the end of the day are not justified? “There is a significant chance of a reputational hit.”

Kenneth Clayton, the American Bankers Association’s executive vice president of legislative affairs and chief counsel, “called the release of the database disappointing and potentially misleading to consumers,” stating, “publicizing allegations that may or may not have any basis in fact raises serious questions about the balanced review we expect from our government agencies.”

There are also complaints by the banking industry that the information doesn’t include smaller banks.

However, the CFPC says, “Consumers can look at this data and can fairly draw the conclusion that if they engage in a financial relationship with the company this is what they can expect,” said Scott Pluta, acting assistant director of the Office of Consumer Response of the CFPB.  Pamela Banks, senior policy counsel for Consumers Union, said in a Reuters statement “Making credit card complaints public will put added pressure on banks to avoid unfair practices and help consumers make more informed financial decisions,” .

Wonder what you will find when you visit the database?   Currently Capital One is in the lead for the most complaints since June 1.  Next is CitiGroup, JP Morgan Chase and Bank of America.  The most common complaint is disputed charges.

The CFPB has been accepting complaints since it began in 2008.  These complaints have included those related to student loans, mortgages, loan modifications,  foreclosures, and other bank products.

Do you have a complaint that you will be filing in the database?

Keeping Your Identity Safe, in a Safe

When was the last time you heard or saw any kind of Identity Theft advertising?

Chances are… very recently.

Be it from AM Radio, TV, or the Internet, these days identity theft protection ads are everywhere.

It makes sense.

After all, there is a huge need for ID Theft prevention, and there are a myriad of products that can help.An old safe in a museum

But among this bombardment of information competing for your “low monthly fee” to protect you from digital theft, it is often forgotten that sometimes
you are most vulnerable in your own back yard.

The question we’d like you to consider today is, how are you protecting the physical version of your documents and records from falling into the wrong hands?

Where in your home are your private and personal documents? Are you protecting them at all?

Passports, social security cards, insurance documents, medical records, USB drives, your laptop or iPad, and what about your children’s birth certificates?

The list of important documents goes on and on.

The answer for how to protect this sensitive information is very simple.

You should probably keep all of them in a safe.

There are three basic recommendations I would make to anyone getting started with a safe for burglar and identity protection:

  1. Make sure the safe has at least an RSC UL rating classification.
    This classification means the sage has been tested for prying and torching attacks for a period of 5 minutes.
    5 Minutes is the minimum burglary classification UL assigns.
  2. Bolt the safe down to the floor.  If you don’t do it, and the safe weighs less than 300 Lbs, it will very probably be taken out of your property. On the contrary, if you do bolt it down, it is almost impossible to steal.
  3. Place the safe somewhere as hidden as you can. If the burglars see it, they might attempt to open it (if they have the time while burglarizing your house) but if they don’t see it, they might not even look for a safe.

Fire concerns

The threat from fire is as real as Continue reading Keeping Your Identity Safe, in a Safe

Sex Offenders on Facebook and other Social Media

Should sex offenders be allowed on Facebook? That question will probably prompt the obvious response, a loud “Hell, no!” but many organizations are arguing that banning sexual offenders from social media violates the offenders constitutional right to free speech.

Many state laws are in effect that successfully ban or limit sex offenders from using social media.  New York state law demands that registered sex offenders report all of their internet accounts (email, instant messaging, and social networking) and bans social networking for sex offenders convicted fo a crime against minor. NY state law also bans convicted sex offenders from social networking if they were convicted of a crime that involves the internet. Other states have similar laws regarding sexual predators and internet activities.

Facebook has guidelines in place stating: “Convicted sex offenders are prohibited from using Facebook. Once we are able to verify a user’s status as a sex offender, we immediately disable their account and remove their account and all information associated with it.”

John Walsh, spokesman for the National Center for Missing and Exploited Children, said of the internet, “we know that sex offenders target and lure children and how they look at the online community as their private, perverted hunting ground.”

We all want to protect our kids so the obvious answer is to ban sexual predators from accessing them. But by doing so we are also putting our kids at a disadvantage. If we can take away the rights of one individual, we can take away the rights of the many.  The argument that civil liberties advocates use is that social media is becoming an indispensable freedom of speech.

The appropriate question to ask next is “is social media a necessity in this day and age?” The answer can be quite complicated. Most people don’t leave home without their cell phones, iPads or other communication devices. Many of these devices allow access to the internet world. Many people would argue that participation in online discussion is a matter of free speech in its most basic form.

Carolyn Atwell-Davis, director of legislative affairs at the Virginia-based National Center for Missing & Exploited Children, said of the issue, “It’s going to be really, really hard, I think, to write something that will achieve the state’s purpose in protecting children online but not be restrictive enough to be unconstitutional.”

State legislation can help parents protect their children but only to a point.  State’s cannot trample on the freedoms given to citizens.  So in the end the protection of children is really left up to parents and the owners of each individual website. Parents need to be vigilant about the activity of their kids online and social media websites need to make rules regarding what actions they will take when sexual predators register with them. These two actions are the best way to keep children protected from those our society has deemed unfit.


This guest post is by Linda St.Cyr,  a freelance writer, blogger, and columnist. She covers a wide variety of topics from food to celebrity gossip. Read her work at Ecorazzi, Yahoo! Contributor Network, or The Hungry Kitchen.

Online safety tips while shopping this Father’s Day

Shopping online is not only easy, and convenient but it can also quite often save you money unless your credit card information falls into the wrong hands.   As you start placing your orders for ties, wallets and watches this Father’s Day, Julia Goloshubina, Co-Founder of Voxofon (a VoIP international calling provider), who manages the security and privacy measures for Voxofon’s users offered me these tips:

1.     Avoid allowing the retailer save your credit card information in your profile. Secure retailers are PCI (Payment Card Industry) compliant. If your credit card information is saved with a retailer that is not PCI compliant, you could be at risk. If you are confident that the retailer is PCI compliant and you want to save your credit card information for quicker checkout, make sure the retailer does not store the security code on your card – this is something they are never allowed to do.

We have discussed this here on Identity Theft Secrets and it is especially important if you are doing your shopping from on open wireless connection, like a library or restaurant or if you are using a public computer (even the one at work on your lunch break).

2.     When submitting payment, make sure the credit card information you entered is cleared out of all form entries. Some websites, even major retailers, do not do this, thus your credit card information gets stored in your browser. If an unauthorized person uses your computer or if your computer gets stolen, that information can be accessed easily.

There should be a box at the end of every transaction that says “do not save”  or “remember me”   Look for those boxes.   Make sure that your transaction at a store or online site did not automatically default to “remember me.”
3.     Look at the address bar to ensure that you are making a secure transaction. A retailer must go through strict validation processes to obtain an SSL Certificate, which verifies safe transaction practices. If a retailer has an SSL Certificate, the URL on the checkout pages will begin with https://. Also, your address bar in your browser will display a lock symbol next to the URL. For retailers that have more advanced SSL Certificates, you will see a green bar on the address bar of your browser.
For more information from about SSL Certificates visit “SSL Security Certificates: Safer shopping online.”
4.     Make sure retailers are storing your passwords properly. When saving your profile on a site, retailers have several ways of storing your passwords. The most secure retailers will store the passwords in the form of one-way hashes. Unfortunately, there is no way as a consumer to ensure that a retailer is doing this upfront; therefore you must contact customer support to confirm that your passwords are safe.
Most stores and providers online will have a separate page or tab for “contact us” or “customer service”  you can use those to access the customer support services and find out if your password is stored safely.   You may want to consider using a program like Roboform to save your passwords instead of depending on the word of a customer service call.
With just a few clicks of the keyboard and moves of the mouse it is possible to keep you credit card and personal information secure.  It may seem like a lot of steps to follow, but it is not as many as it may take to fix a problem with your credit, credit card or identity.