Hackers may have had access to resort's credit card system for eight months

Share this article:

The financial information of guests at Callaway Gardens was stolen by thieves who implanted malware on the Pine Mountain, Ga. resort's credit and debit card systems.

How many victims? Unknown.

What type of personal information? No specifics have been given in terms of what kind of financial data was accessed.

What happened? On Thursday, a credit card processing company notified Callaway Gardens, as well as a number of other companies that it services, of suspicious transactions involving guests. It's unclear if all of the companies were compromised by the same malware, but the victim organizations were identified because thieves made fraudulent purchases at common locations.

What was the response? Callaway Gardens notified guests via email and social networking sites. Additionally, the company alerted the major card brands and credit reporting agencies.

Details: According to a Callaway Gardens spokeswoman, the breach started in early September.

Quote: “In our team's immediate investigation, fraudulent malware was detected, contained and removed,” Barry Morgan, CFO of Callaway Gardens, said.

Source: www.ledger-enquirer.com, Ledger-Enquirer, Callaway Gardens credit, debit card records breached” May 25, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.