Wisconsin Dells, Wis.-based Kalahari Resorts announced that its Ohio and Wisconsin resorts were hit by a point-of-sale (POS) breach.
How many victims?: Unknown at the time.
What type of Information?: Customer card numbers, cardholder names, expiration dates, and card verification codes could be at risk.
What Happened?: In late October, officials were alerted that an intruder installed malware designed to capture data from certain payment cards from a limited number resort outlets including restaurants, bars, retail and spa, between May 18, 2015 and Nov. 9, 2015. The attacker didn't access the front desk POS system.
Details?: The company is not offering free credit monitoring but is providing tips for those who believe they were affected in the breach. This is the second breach to hit a Wisconsin Dells, WI, resort. In November Wilderness Resort announced a breach that occurred between Mar. 9 and June 8.
What was the response?: The malware has since been removed and the company has hired a forensics firm and contacted the U.S. Secret Service to investigate the incidents.
Quote: “Upon learning of the incident, we immediately secured a highly regarded forensic firm to conduct a complete system analysis. We have been in contact with the Secret Service regarding the incident and are following all notification protocols. Kalahari is committed to the security of our guests' personal information and continue to work diligently to enhance the security of our systems,” Kalahari spokeswoman Samantha Flynn told the Milwaukee Business Journal.
Source: Kalahari Resorts Legal Notice of Potential Incident, Kalahari Resorts Security FAQ, Milwaukie Business Journal