The Federal Trade Commission has been handed the authority to not only oversee corporate online security, but to sue companies that do not protect customer data against hackers.
The United States Court of Appeals for the Third Circuit, which published its ruling late Monday, said the FTC has every authority to pursue cyber-security cases.
The ruling comes after a fight between the FTC and Wyndham Worldwide Corp. over if the agency had the right to sue the hotel chain for being hit by Russian hackers.
The FTC maintains Wyndham failed to take reasonable steps to prevent three hacks of its computer systems in 2008 and 2009.
More than 619,000 customers were affected by the three breaches and $10.6 million was fraudulently spent using customers’ stolen credit card information.
Wyndham, during a March 3 hearing, said the company was also a victim and was being unjustly punished. The company said it had hired five consultant firms after the attacks and none were able to discover how the hackers infiltrated the company’s system.
The company said if the FTC has the authority to sue them, they may as well “regulate the locks on hotel room doors.â€
The appeals court called Wyndham’s remark “alarmist†and denied its request to bring an end to the lawsuits.
It also chastised Wyndham in its ruling: “And it invites the tart retort that, were Wyndham a supermarket, leaving so many banana peels all over the place that 619,000 customers fall hardly suggests it should be immune from liability.â€
“Wyndham’s as-applied challenge is even weaker given it was hacked not one or two, but three, times,†the ruling also reads. At least after the second attack, it should have been painfully clear to Wyndham that a court could find its conduct failed the cost benefit analysis.â€’>’>’>’>’>’ rel=’external nofollow’ title=’Visit jcowan’s website’ class=’snap_noshots’>avatarJennifer Cowan is the Managing Editor for SiteProNews.The post FTC Can Sue Companies for Being Hacked, Court Rules appeared first on SiteProNews.