DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Kalahari Resorts in Wisconsin and Ohio hit by payment card breach

Posted on December 3, 2015 by Dissent

From their notice of December 1 (and no, this isn’t related to the Starwood properties’ breach disclosed recently):

Kalahari Resorts recently became aware of a possible security incident involving credit and debit card data reportedly used at our food & beverage, retail and spa outlets at our Wisconsin (1305 Kalahari Dr., Wisconsin Dells, WI 53965) and Ohio (7000 Kalahari Dr., Sandusky, OH 44870) sites. An investigation into this incident was immediately initiated. Our team, including third-party forensics experts, has been working continuously to understand the nature and scope of the incident. This investigation is ongoing. The incident has been contained and our customers can safely use payment cards at all Kalahari Resorts locations.

We believe that the intruder installed malicious software designed to capture data from certain credit and debit cards that were used at our resort outlets (such as restaurants, bars, retail and spa) between May 18, 2015 and November 9, 2015. The incident did not impact our hotel reservation or front desk systems, nor did it impact any transactions at our Pennsylvania resort. The incident could affect credit and debit card data, including card number, cardholder name, card’s expiration, and card verification code. However, we have not determined that any specific individual’s credit or debit card data was affected by this incident.

We take the privacy of personal information very seriously and deeply regret any inconvenience that this may cause our valued guests. We have been in contact with the U.S. Secret Service and will continue to fully cooperate with their investigation.

[…]

Click Here for Frequently Asked Questions

Kalahari did not disclose the number of affected consumers. They report learning of the problem in late October when they were “alerted” to the problem, but they do not indicate who alerted them and whether it was someone whose payment card information had been misused.

No related posts.

Category: Business SectorID TheftMalwareU.S.

Post navigation

← Computer company sues gaming establishment and its employees over alleged software theft
Anonymous claims to leak Paris climate officials’ data (UPDATED) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.