Via the Sacramento Bee, this press release:
Eagle Ridge Resort & Spa announced today that it suffered a criminal intrusion into the portion of its computer network that processes payment card transactions. The company took immediate steps to investigate the matter, secure the affected part of its network, discontinued swiping payment cards and believes that the intrusion has been contained.
The extent of the intrusion is not known at this time. The company is conducting a full investigation to determine the extent of any possible compromise of customer information that occurred as a result of the intrusion. It is possible that the credit or debit card number, expiration date and card verification code contained on the magnetic stripe of some payment cards used at Eagle Ridge Resort may have been acquired without authorization during the intrusion. The Company currently has no reason to believe that personal information, such as names, addresses or Social Security numbers, was acquired by the intruder.
The company is cooperating with law enforcement efforts to investigate the crime. The company has also notified the major payment card brands and is cooperating in their investigation of the intrusion. Further, the company recommends that customers review their card statements and other account information carefully and immediately notify their card issuer if they suspect fraudulent use.
Attached is a letter from Ikhlas Ahmed that provides more information about the intrusion and additional steps customers can take to protect their information. The company has also set up a toll-free hotline at 1-888-414-8023 for customers who have further questions. When prompted, please enter the following ten digit reference number: 3777052311. The letter and the toll-free number are available on the company’s website at www.eagleridge.com.