2 min read

Casino customers and employees put at risk after FireKeepers hack

Graham CLULEY

July 07, 2015

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Casino customers and employees put at risk after FireKeepers hack

Two months ago the FireKeepers Casino and Hotel in Battle Creek, Michigan, warned that it was investigating a “possible data security incident” involving its Point Of Sale (PoS) systems.

Whenever you hear news like that you hold your breath, cross your fingers and hope for the best – perhaps the fear will be unwarranted, and it will be found that no such breach occurred.

Well, I’m afraid there is bad news for FireKeepers’ customers, employees and even former staff, as the hotel and casino has now confirmed that it did indeed suffer a data breach – exposing personal data and payment card information.

firekeepers-600

Source: FireKeepers

Approximately 85,000 credit and debit cards used to make food, beverage and retail purchases between September 7 2014 and April 25 2015 are thought to have been put at risk by the hack, exposing cardholder names, card numbers, verification codes and expiry dates.

But the risk doesn’t end there, according to an advisory published for current and past employees:

During the course of our investigation, on May 6, 2015, FireKeepers also determined that there may have been unauthorized access to a file storage server, which contained the personal information of certain customers stored on its file storage server, such as Social Security number and/or driver`s license number. Neither FireKeepers nor its forensic investigators have found evidence of unauthorized access or misuse of the personal information.

The silver lining on the cloud is that, so far, the company hasn’t uncovered any evidence that workers’ social security and driving licence numbers, and other personally identifiable information, has been abused by criminals for the purposes of identity theft.

However, now that information is potentially in the hands of the computer underground – who could choose to exploit it at anytime, perhaps waiting years before they strike.

In the statement posted on its website, FireKeepers used the traditional wording deployed by many companies after a serious breach that it takes security “seriously”.

seriously

Source: FireKeepers

Such phrases are becoming so common that it’s almost possible to track the latest breach announcements just by Googling for variations on it.

FireKeepers Casino and Hotel says that it now has its systems properly secured, and payment card data can now be processed securely.

Furthermore, the company says that it has install new PoS equipment, and has tightened its security with increased firewall protection and two-factor authentication.

Of course, ideally all of these measures would have been made *before* the criminal hackers broke into FireKeepers’ systems and stole their data. And it’s likely that past customers (and indeed current and former employees) will be nervous of trusting the resort again with their personal and payment information.

In short – sloppy security can hit your business hard. If you don’t make information security a board level issue then your company is effectively playing Russian roulette with its future.

R. Bruce McKee, the president of FireKeepers Casino and Hotel, has announced that he is set to retire at the end of this year.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

2 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read