The Hard Rock Cafe and Casino Las Vegas has released a
statement alerting customers that their data may have been
compromised if they visited the resort between October 27th, 2015 and March
21st, 2016.
After receiving several reports of unauthorized
activity associated with payment cards, the resort started an investigation
into their card payment methods.
“On May 13, 2016, the investigation identified
signs of unauthorized access to the resort’s payment card environment,” Hard
Rock said in its statement.
“Further investigation revealed the presence of
card scraping malware that was designed to target payment card data as the data
was routed through the resort’s payment card system.”
In some instances, the program recognized payment
card data that included cardholder names, card numbers, expiration dates and
internal verification codes. In others, the program only found data that didn’t
include the cardholder name.
The Hard Rock Cafe and Casino assured customers
that they have alerted law enforcement officials and are working with the
payment card networks to initiate heightened monitoring on cards that may be
affected.
The resort recommends that any customers who
suspect that they may have been victims of card fraud get in touch with their
bank.
This incident is the latest in a number of attacks
on high-profile organizations, although it must be noted that all organizations
are targets.
Such is the concern that, at the start of the
month, the Internet Crime Complaint Center (IC3) issued a public service announcement warning people about
online fraudsters looking to jump on the back of recent data breaches.
It stated: “Fraudsters quickly use the news release
of a high-profile data breach to initiate an extortion campaign.
“The FBI suspects multiple individuals are involved
in these extortion campaigns based on variations in the extortion emails.”