The Hard Rock Hotel & Casino in Las VegasMonday that it suffered a card breach incident during which cyber-criminals may have collected customer payment card information off its PoS (Point of Sale) network.
The hotel chain says it received a warning regarding fraudulent activities involving payment cards that all had in common one thing: they were used in the past months at the hotel.
The Hard Rock Hotel & Casino hired a cyber-security firm to launch an investigation, which concluded on May 31, 2016. According to their findings, the security firm said it discovered malware on some of the hotel’s PoS systems.
The hotel chain says that clients that stayed or used their payment cards at the hotel’s restaurant and retail outlets between October 27, 2015, and March 21, 2016, could be affected.
Card scraping malware at the heart of the incident
The malware can collect card details such as the cardholder’s name, card number, expiration date, and internal verification code.
The hotel’s staff have now started informing all customers that may pottentially be affected by this incident, along with authorities.
Affected customers are advised to keep an eye out for unauthorized transactions charged to their cards, and report them to their banks.
“Hospitality organizations are ideal targets for the cybercriminal today because they handle highly valuable personal and financial information—the proverbial goldmine for the cyberthief,”‘s Zach Forsyth told Softpedia. “Large, well-known chains are even more susceptible targets due to the sheer volume of data that they store and share.”
“Unfortunately, many of these companies have antiquated IT security technology in place, which is an easy workaround for the hackers,” Forsyth added. “It’s a harsh reality that the technology some organizations use today is as effective as installing a home security system that alerts you to a break-in after the robbers have already stolen everything, vandalized the house and left.”