Add Peppermill Resort Spa & Casino to the list of hospitality entities that were hacked last year but didn’t learn of it until this year.
According to their notification letter of October 5, the hack involved their front desk system and resulted in the compromise of customers’ payment card information, including security codes. The hack occurred between October 12, 2014 and February 16, 2015. Peppermill first became aware of the incident in late April, 2015, but do not say how they became aware of it.
Notification was delayed because of law enforcement’s investigation.
In response to the breach, they have implemented new policies and procedures. Affected customers were advised to check their card statements and given information on how to place fraud alerts and security freezes on their accounts, but no services were offered such as identity theft restoration services.
The number of consumers affected was not disclosed.