BreachExchange mailing list archives
Callaway Gardens credit, debit card records breached
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Tue, 28 May 2013 12:08:10 -0500
http://www.ledger-enquirer.com/2013/05/25/2518295/callaway-gardens-credit-debit.html A Callaway Gardens official said it is unknown how many guests may be affected after its credit card security system was compromised over the last eight months. "We have just started a more in-depth investigation so the number of accounts have not been determined yet," said Rachel Crumbley, a spokeswoman for the resort in Pine Mountain. Crumbley said Saturday a breach in its credit card security system started in early September and lasted until Thursday when a credit card processing company identified multiple companies, including Callaway Gardens, with fraudulent credit card activity. "In our team's immediate investigation, fraudulent malware was detected, contained and removed," said Barry Morgan, CFO of Callaway Gardens. "Guests are encouraged to review and monitor their electronic credit and debit card statements for fraudulent charges." If you were a guest before Friday and noticed any unauthorized credit card ac tivity, you should promptly contact your financial institution. "We wanted to alert all of our guests as quickly as possible to make sure they take any necessary corrective and protective actions," Morgan said. "And, with large crowds anticipated for this weekend's Memorial Day Weekend Festival, we want to reassure guests that our systems have been secured and are being monitored closely." The malware in the system at the resort collected financial information from card users. An investigation is underway at Callaway Gardens and by law enforcement authorities. "As soon as we got wind of it, we informed our guests," Crumbley said. "I was told it could take days, weeks or months when the investigation is completed." Until that time, guests are encouraged to review their electronic credit card and debit card statements for fraudulent charges. Crumbley said Callaway Gardens was using the best business practices available in computer security technologies when the breach occurred. Officials now have top experts in the field of computer forensics to assist in the investigation and to recommend additional security measures as needed. Crumbley said emails were sent to guests about the breach. Information also was sent out on Facebook and Twitter. Officials also have notified four credit card companies, American Express, Visa, MasterCard and Discover and the three major U.S. credit reporting agencies about the incident. Guests may also contact the credit reporting agencies to check their credit reports. Free reports are available at www.annualcreditreport.com, or by calling 877-322-8228, or completing the Annual Credit Report form on the Federal Trade Commission website at www.consumer.ftc.gov/articles/0155-free-credit-reports . _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Callaway Gardens credit, debit card records breached Erica Absetz (May 28)