DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NY: Data breach occurs at Holiday Valley resort

Posted on June 19, 2015 by Dissent

The management at Holiday Valley in Ellicottville said a data breach occurred between Oct. 17, 2014 and June 2, and affected credit and debit card purchases of food, recreation, retail and lodging.

Read more on BradfordEra.com.

A statement on Holiday Valley’s web site reads:

Dear Holiday Valley Customer:

I’m sorry to report that Holiday Valley was the victim of a data security breach between October 17, 2014 and June 2, 2015 at points of sale including food and beverage, recreation, retail and lodging.
Holiday Valley guests who used or visited the resort during this period and used a credit or debit card may have had their card information compromised. We encourage you to review your statements from that time period or contact your card issuer if you view any fraudulent activities.
As soon as we learned of the possible security breach we immediately launched an extensive investigation lead by our independent computer consulting company and a third party to conduct a detailed forensic review. They have now removed the malware, and have taken steps to prevent it from reoccurring.
Holiday Valley deeply regrets any inconvenience caused by this criminal attack. We are offering one year of credit repair services to any guest who’s credit has been harmed from this incident through AllClear Secure. Information on AllClear Secure will be posted on this website on June 17, 2015.
Your credit card issuer has also been made aware of this situation. Please contact your credit card issuer if you have any questions or concerns. They may take actions such as increasing their fraud monitoring of your card or issuing you a new card. If you suspect any unauthorized activity on your card, report it immediately to your card issuer. The policies of brands like Visa, MasterCard, American Express and Discover provide that you have no liability for any unauthorized charges, providing you report them in a timely manner.
You also have the option to place a fraud alert on your credit files. An “initial” fraud alert, which lasts for 90 days, requires potential creditors to use reasonable policies and procedures to verify a customer’s identity. To place an alert call one of these three credit reporting agencies:
Experian (888) 397-3742
Equifax (800) 525-6285
TransUnion (800) 680-7289
A free copy of your credit report is available by calling (877) 322-8228 or by visiting www.annualcreditreport.com.
For more information we have prepared a question and answer section for you here.
We are truly sorry for this situation. We take this issue very seriously and apologize for any inconvenience.

Respectfully,
Dennis Eshbaugh
President and General Manager
Holiday Valley Resort.

Related posts:

  • White Lodging confirms another long-running payment card “suspected breach”
  • White Lodging releases additional information about data breach investigation (updated)
  • Madison Square Garden Company Alerts Customers of Payment Card Data Breach
  • Atlantis, Paradise Island Provides Notice of Data Security Incident
Category: Breach IncidentsMalware

Post navigation

← Ca: House of Commons says data theft warning a ‘miscommunication’
Updates on OPM breach(es) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.