Indiana-based French Lick Resort announced on Tuesday that malware had infected its payment card system, and any guest who used their credit and debit cards at any venue at the resort between April 23, 2014, and Jan. 21 may have had their personal information compromised.
How many victims? Unknown at this time.
What type of personal information? Names, account numbers, card expiration dates and card verification values.
What happened? Malware infected the French Lick Resort payment card system, compromising personal information for any guest who used their credit card at any venue at the resort.
What was the response? French Lick Resort addressed the malware threat. The resort is undertaking new security initiatives to strengthen its network, systems and processes, as well as to enhance its level of protection with regard to visitor information. All impacted individuals are being offered free identity protection and credit monitoring services. An investigation is ongoing.
Details: On Jan. 13, the accounting department at the French Lick Resort learned of a possible compromise to the resort's payment card system. Anyone who used a credit or debit card between April 23, 2014, and Jan. 21 at any venue at the resort may be at risk; although, there is no evidence that debit card PINs were impacted.
Quote: “We hope to contact anyone who could have been affected by this to ensure that they can act to protect themselves,” Chris Leininger, COO of French Lick Resort, was quoted as saying in a release emailed to SCMagazine.com on Wednesday.
Source: frenchlick.com, “FLR Data FAQs,” January 2015; a Wednesday correspondence with French Lick Resort.