The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and data from certain credit and debit cards used from Sept. 20, 2013 to Aug. 7 may be at risk.

How many victims? Roughly 60,000 transactions were impacted, a spokesperson told SCMagazine.com on Thursday. 

What type of personal information? Names, payment card numbers and expiration dates.

What happened? The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised, putting payment card data at risk.

What was the response? An investigation is ongoing. The issue was identified and contained, the security of credit and debit card processing systems has been restored, and steps have been taken to enhance the security of the systems. All impacted individuals are being notified and offered a free year of identity protection services.

Details: Delaware River and Bay Authority was notified on July 30 of a possible security compromise involving credit and debit card data stored on certain systems at the Cape May-Lewes Ferry's terminals and vessels. Cards used from Sept. 20, 2013 to Aug. 7 may be at risk. Only food, beverage and retail sales locations were affected – the reservation system, including online bookings and terminal point-of-sale locations, utilized for the purchase of vehicle or passenger tickets was not compromised.

Quote: “We have not determined that any specific cardholder's credit and debit card data was stolen by the intruder,” according to a notification posted to the Cape May-Lewes Ferry website.

Source: capemaylewesferry.com, “Notice of Data Security Event,” Oct. 24, 2014; capemaylewesferry.com, “Frequently Asked Questions,” Oct. 24, 2014.