The Houston Chronicle reports that the Houston Zoo’s gift shop customers may be impacted by a vendor’s breach that also affected customers at the Detroit Zoo’s gift shop:
Houston Zoo officials said on Thursday they discovered a “security breach” involving credit cards at their gift shops.
A zoo spokeswoman said the breach was contained to two gift shops at the zoo that are run by a third-party vendor, Services Systems Associates.
Read more on Chron.com.
SSA posted the following undated notice on their web site. It refers to “several” clients being affected. So far, we know of two.
Details on Service Systems Associates, Inc. Data Breach
We are sorry to report that Service Systems Associates, Inc. (SSA) was recently the victim of a data security breach.
The violation occurred in the point of sale systems located in the gift shops of several of our clients. This means that if a guest used a credit or debit card in the gift shop at one of our partner facilities between March 23 and June 25, 2015, the information on that card may have been compromised.
SSA takes this issue very seriously. As soon as we learned about the attack, SSA began working with law enforcement officials and a third-party forensic investigator, Sikich, to investigate the breach.
Though the investigation into this attack continues, the malware that caused the breach was identified and removed. All visitors should feel confident using credit or debit cards anywhere in these facilities. SSA is also taking several steps to improve its security and prevent future attacks.
SSA has notified the credit card companies of this situation. Guests who view any fraudulent activity on a credit or debit card should contact the relevant card issuer as soon as possible. Most credit card companies do not hold customers liable for fraudulent charges if they are promptly reported.
Additionally, here is some advice from the Consumer Financial Protection Bureau:
If you believe you are a victim of identity theft, you should contact one of the consumer reporting agencies listed below to place a fraud alert on your credit report. You only need to contact one of the three credit reporting companies to place an alert.
TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9554, Allen, TX 75013For more details on the steps to take if you are a victim of identity theft, visit the Federal Trade Commission’s Identity Theft website at http://www.ftc.gov/bcp/edu/microsites/idtheft.
We will provide relevant updates as soon as they may become available.
Again, we are very sorry for any inconvenience due to this situation.
Regards,
Timothy L. Brantley, CEO