fbpx

Wyndham Capital Mortgage Data Breaches Expose PII Class Action

In October 2020, Wyndham Capital Mortgage, Inc. announced not one but two data breaches that exposed its clients’ personally identifying information (PII). The complaint for this class action alleges, “The Data Breaches were a direct result of [Wyndham’s] failure to implement adequate and reasonable cybersecurity procedures and protocols necessary to protect clients’ PII.”

The Nationwide Class for this action is all individuals whose PII was exposed in the Data Breaches Wyndham announced in October 2020. A Florida Subclass has also been defined for those living in Florida.

The complaint says that Wyndham claims to have provided more than $18 billion in loans for more than 60,000 customers. According to the complaint, “The privately held corporation states that it uses ‘advanced technology’ for its strictly online loan processes in an effort to streamline the loan process.” It claims to have experienced an increased demand for its services in 2019, leading to a rapid expansion of its business.

This expansion seems to have been accompanied by a couple of breaches of data security. The complaint alleges. “First, on October 16, 2020, Wyndham warned that on September 18, 2020, an email was sent ‘in error’ by a Wyndham employee to an email account not belonging to Wyndham or its authorized affiliates.” The information included names, Social Security numbers, and “loan data” customers had provided to Wyndham in the course of applying for mortgages.

But that wasn’t all. The complaint says, “Second, on or about October 23, 2020, Wyndham warned that it [had] discovered that an employee was the ‘victim of a phishing scam’ that compromised Wyndham’s security protocols and allowed unauthorized third parties access to the employee’s email account for an extensive period[,] from June 30, 2020 through August 3, 2020…”

According to the complaint, these two data breaches “allowed criminals to obtain everything they needed to illegally use Wyndham’s current and former clients’ PII to steal their identities, make fraudulent purchases, and to commit myriad financial crimes and fraud.” It speculates that the stolen information is now for sale on the dark web to other cybercriminals.

The complaint faults Wyndham for a number of things: “intentionally, willfully, recklessly, or negligently failing to take adequate and reasonable measures to ensure its systems were protected against unauthorized intrusions; failing to disclose that it did not have reasonable or adequately robust computer systems and security practices to safeguard clients’ PII; failing to take standard and reasonably available steps to prevent the Data Breaches; failing to monitor and timely detect the Data Breaches; and failing to provide [the affected persons] prompt and accurate notice of the Data Breaches.”

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Wyndham Capital Mortgage Data Breaches Expose PII Complaint

December 10, 2020

In October 2020, Wyndham Capital Mortgage, Inc. announced not one but two data breaches that exposed its clients’ personally identifying information (PII). The complaint for this class action alleges, “The Data Breaches were a direct result of [Wyndham’s] failure to implement adequate and reasonable cybersecurity procedures and protocols necessary to protect clients’ PII.”

Wyndham Capital Mortgage Data Breaches Expose PII Complaint

Case Event History

Wyndham Capital Mortgage Data Breaches Expose PII Complaint

December 10, 2020

In October 2020, Wyndham Capital Mortgage, Inc. announced not one but two data breaches that exposed its clients’ personally identifying information (PII). The complaint for this class action alleges, “The Data Breaches were a direct result of [Wyndham’s] failure to implement adequate and reasonable cybersecurity procedures and protocols necessary to protect clients’ PII.”

Wyndham Capital Mortgage Data Breaches Expose PII Complaint
Tags: Exposing Private Information, Exposure to cyber crime, Your Privacy