Hundreds of thousands of card numbers stolen in casino company breach

Share this article:
Thousands of credit and debit card numbers were stolen in the breach.
Thousands of credit and debit card numbers were stolen in the breach.

It was no classic Sin City heist, but the end result was the same when hackers compromised the payment system of Affinity Gaming in a potentially months-long attack and made off with hundreds of thousands of credit and debit cards belonging to gamblers at any one of the company's casinos.

An investigation is currently ongoing, but Affinity made the announcement on Friday, almost 24 hours after retail giant Target announced that 40 million of its customers may have had credit and debit cards and CVV codes stolen in a hacking incident.

Even though Affinity is notifying individuals who visited any of its Nevada, Iowa, Missouri and Colorado gaming facilities between March 14 and Oct. 16, the group still has not confirmed the exact date the attack initially began.

Affinity attorney Jim Prendergast said between 280,000 and 300,000 cardholders were impacted, according to reports. Some of those impacted individuals used their cards at Affinity-owned Primm Center Gas Station in Nevada, according to a notification on the company website.

Affinity learned of the incident on Oct. 24, after law enforcement contacted the Las Vegas-based group regarding fraudulent charges possibly linked to a data breach of the Affinity payment system, according to the notification.

An immediate investigation involving outside data forensics experts revealed that the payment system had been infected with malware, resulting in the compromise of the credit and debit cards. The system was quickly secured to protect customer accounts, according to the statement.

The notification did not indicate if the company will be offering anything to affected individuals, nor did it highlight steps taken to prevent a similar incident from occurring, but Affinity is encouraging all impacted individuals to monitor accounts for suspicious activity.

An Affinity spokesperson did not immediately respond to an SCMagazine.com request for comment.

Share this article:

Sign up to our newsletters

More in News

Community Health Systems faces lawsuit related to data breach

The suit claims the hospital operator failed to meet security standards to protect the personal information belonging to patients.

Norwegian oil companies targeted in string of attacks

More than 300 companies are being warned to check their systems after at least 50 oil companies confirmed that their systems were attacked.

Possible payment card breach at Dairy Queen stores

Several financial institutions are reporting payment card fraud activity on credit and debit cards used at various Dairy Queen stores around the country, according to Brian Krebs.