Never mind three strikes and you're out. How about three strikes and I'm not even thinking about checking in to your hotel?

Granted, even the most security-conscious of companies can be victimized by hackers, but when you've had to cop to a third data breach in less than a year you'll have to forgive prospective customers for looking elsewhere for shelter. Or paying in cash.

From IDG News Service story on our site detailing the most recent episode:

Hackers were able to steal data required for credit card fraud, the company said, including "guest names and card numbers, expiration dates and other data from the card's magnetic stripe." Wyndham did not say how many (of its) hotels were hacked or how many customers were affected. The company did not return messages seeking comment Friday. This is the third data breach reported by Wyndham in the past year.

The Wyndham Hotels chain includes such familiar names as Ramada, Days Inn, Super8, Howard Johnson and Tavelodge.

(2010's 25 Geekiest 25th Anniversaries)

Here's a snippet of the boilerplate-filled mea culpa posted to the Wyndham site:

In addition to ensuring that the hack was immediately terminated and disabled, we promptly retained a qualified investigator to assess the problem and ensure that we had isolated it, and then to help us implement the proper changes to strengthen and improve the security of our connections with each of our WHR branded properties. Further, the impacted properties are being separately investigated by a qualified PCI investigative firm to assess and improve the security at each hotel property in the system.

Good ideas all, but they would have been even better ideas had they occurred and been implemented effectively after the breach Wyndham acknowledged last August.

And they'd have been a model of corporate responsibility had they blossomed after the first of the three breaches, which was revealed to the public six months earlier.

Do I judge Wyndham too harshly? I asked Kelly Todd, a project manager for DataLossDB, which tracks and compiles information about data breaches. Todd's reply:

"Personally, I'd try my best to avoid using any business that suffered multiple breaches in a relatively short time frame. For instance, if you swipe your credit card through an ATM that gets a skimmer attached to it three times in a year, it might be time to switch ATMs. I don't see why trusting a hotel chain -- or any business for that matter -- with credit card information should be different."

So here's the question I've sent to a pair of Wyndham public relations executives: "Given that this was the third such incident involving Wyndham in the past year alone, why wouldn't a prudent business traveler or vacationer be well advised to avoid Wyndham hotels rather than risk being a victim of the next such incident?"

I'll let you know what they have to say.

(Update, Friday, March 5: Here is Wyndham's reply:

"While no data security policy can guarantee that unauthorized data access will not happen in the future, we continuously upgrade, evaluate and monitor our systems to protect customers. The (latest) computer security incident occurred while Wyndham was in the process of completely upgrading the information security specifications for all the Wyndham-branded hotels.

In addition to ensuring that the hack was quickly isolated and contained, we revalidated our information security infrastructure and ensured that we maintain industry standard protections for customer data.")