Hundreds of thousands of card numbers stolen in casino company breach

Share this article:
Thousands of credit and debit card numbers were stolen in the breach.
Thousands of credit and debit card numbers were stolen in the breach.

It was no classic Sin City heist, but the end result was the same when hackers compromised the payment system of Affinity Gaming in a potentially months-long attack and made off with hundreds of thousands of credit and debit cards belonging to gamblers at any one of the company's casinos.

An investigation is currently ongoing, but Affinity made the announcement on Friday, almost 24 hours after retail giant Target announced that 40 million of its customers may have had credit and debit cards and CVV codes stolen in a hacking incident.

Even though Affinity is notifying individuals who visited any of its Nevada, Iowa, Missouri and Colorado gaming facilities between March 14 and Oct. 16, the group still has not confirmed the exact date the attack initially began.

Affinity attorney Jim Prendergast said between 280,000 and 300,000 cardholders were impacted, according to reports. Some of those impacted individuals used their cards at Affinity-owned Primm Center Gas Station in Nevada, according to a notification on the company website.

Affinity learned of the incident on Oct. 24, after law enforcement contacted the Las Vegas-based group regarding fraudulent charges possibly linked to a data breach of the Affinity payment system, according to the notification.

An immediate investigation involving outside data forensics experts revealed that the payment system had been infected with malware, resulting in the compromise of the credit and debit cards. The system was quickly secured to protect customer accounts, according to the statement.

The notification did not indicate if the company will be offering anything to affected individuals, nor did it highlight steps taken to prevent a similar incident from occurring, but Affinity is encouraging all impacted individuals to monitor accounts for suspicious activity.

An Affinity spokesperson did not immediately respond to an SCMagazine.com request for comment.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.