It was no classic Sin City heist, but the end result was the same when hackers compromised the payment system of Affinity Gaming in a potentially months-long attack and made off with hundreds of thousands of credit and debit cards belonging to gamblers at any one of the company’s casinos.
An investigation is currently ongoing, but Affinity made the announcement on Friday, almost 24 hours after retail giant Target announced that 40 million of its customers may have had credit and debit cards and CVV codes stolen in a hacking incident.
Even though Affinity is notifying individuals who visited any of its Nevada, Iowa, Missouri and Colorado gaming facilities between March 14 and Oct. 16, the group still has not confirmed the exact date the attack initially began.
Affinity attorney Jim Prendergast said between 280,000 and 300,000 cardholders were impacted, according to reports. Some of those impacted individuals used their cards at Affinity-owned Primm Center Gas Station in Nevada, according to a notification on the company website.
Affinity learned of the incident on Oct. 24, after law enforcement contacted the Las Vegas-based group regarding fraudulent charges possibly linked to a data breach of the Affinity payment system, according to the notification.
An immediate investigation involving outside data forensics experts revealed that the payment system had been infected with malware, resulting in the compromise of the credit and debit cards. The system was quickly secured to protect customer accounts, according to the statement.
The notification did not indicate if the company will be offering anything to affected individuals, nor did it highlight steps taken to prevent a similar incident from occurring, but Affinity is encouraging all impacted individuals to monitor accounts for suspicious activity.
An Affinity spokesperson did not immediately respond to an SCMagazine.com request for comment.