PHOENIX--(BUSINESS WIRE)--Aug. 24, 2008
Hotel Chain Asserts No Evidence to Support Sensational Claims
The story printed in the Sunday, August 24, 2008, Glasgow Sunday Herald
claiming a security breach of Best Western guest information is grossly
unsubstantiated. Claims reported about our Central Reservations customer
records are not accurate. We at Best Western take the confidentiality of
our customers' personal information very seriously. The Sunday Herald
reporter brought to our attention the possible compromise of a select
portion of data at a single hotel; we investigated immediately and
provided commentary. Best Western would have welcomed the opportunity to
fact-check the story, which would have resulted in more accurate and
credible reporting on the part of the newspaper. We have found no
evidence to support the sensational claims ultimately made by the
reporter and newspaper.
Most importantly, whereas the reporter asserted the recent compromise of
data for past guests from as far back as 2007, Best Western purges all
online reservations promptly upon guest departure.
Best Western is committed to safeguarding the confidential information
of our guests. We comply with the Payment Card Industry (PCI) Data
Security Standards (DSS). To maintain that compliance, Best Western
maintains a secure network protected by firewalls and governed by a
strong information security policy. We collect credit card information
only when it is necessary to process a guest's reservation; we restrict
access to that information to only those requiring access and through
the use of unique and individual, password-protected points of entry; we
encrypt credit card information in our systems and databases and in any
electronic transmission over public networks; and again, we delete
credit card information and all other personal information upon guest
departure. We regularly test our systems and processes in an effort to
protect customer information, and employ the services of
industry-leading third-party firms to evaluate our safeguards.
PCI requires the periodic evaluation, testing, and re-certification of
compliance. To that end, our most recent internal review was conducted
in August 2008, as was our most recent external test and review. Both
evaluations showed Best Western to be compliant with PCI DSS.
Best Western would like to assure our customers, member hotels and
business partners that we have no evidence to suggest that there is need
for widespread concern. As a precautionary measure, now and always, we
advise guests to review their credit card statements closely, and we
will of course continue to comply with PCI standards going forward.
Customer inquiries should be directed to our US customer service team at
800 528-1238.
CONTACT: Best Western International
Troy Rutman, 00 + 1 +602.578.0086
(mobile)00 + 1 +602.957.5668
(office)[email protected]
Hotel Chain Asserts No Evidence to Support Sensational Claims
The story printed in the Sunday, August 24, 2008, Glasgow Sunday Herald
claiming a security breach of Best Western guest information is grossly
unsubstantiated. Claims reported about our Central Reservations customer
records are not accurate. We at Best Western take the confidentiality of
our customers' personal information very seriously. The Sunday Herald
reporter brought to our attention the possible compromise of a select
portion of data at a single hotel; we investigated immediately and
provided commentary. Best Western would have welcomed the opportunity to
fact-check the story, which would have resulted in more accurate and
credible reporting on the part of the newspaper. We have found no
evidence to support the sensational claims ultimately made by the
reporter and newspaper.
Most importantly, whereas the reporter asserted the recent compromise of
data for past guests from as far back as 2007, Best Western purges all
online reservations promptly upon guest departure.
Best Western is committed to safeguarding the confidential information
of our guests. We comply with the Payment Card Industry (PCI) Data
Security Standards (DSS). To maintain that compliance, Best Western
maintains a secure network protected by firewalls and governed by a
strong information security policy. We collect credit card information
only when it is necessary to process a guest's reservation; we restrict
access to that information to only those requiring access and through
the use of unique and individual, password-protected points of entry; we
encrypt credit card information in our systems and databases and in any
electronic transmission over public networks; and again, we delete
credit card information and all other personal information upon guest
departure. We regularly test our systems and processes in an effort to
protect customer information, and employ the services of
industry-leading third-party firms to evaluate our safeguards.
PCI requires the periodic evaluation, testing, and re-certification of
compliance. To that end, our most recent internal review was conducted
in August 2008, as was our most recent external test and review. Both
evaluations showed Best Western to be compliant with PCI DSS.
Best Western would like to assure our customers, member hotels and
business partners that we have no evidence to suggest that there is need
for widespread concern. As a precautionary measure, now and always, we
advise guests to review their credit card statements closely, and we
will of course continue to comply with PCI standards going forward.
Customer inquiries should be directed to our US customer service team at
800 528-1238.
CONTACT: Best Western International
Troy Rutman, 00 + 1 +602.578.0086
(mobile)00 + 1 +602.957.5668
(office)[email protected]