DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Kalahari Resorts in Wisconsin and Ohio hit by payment card breach

Posted on December 3, 2015 by Dissent

From their notice of December 1 (and no, this isn’t related to the Starwood properties’ breach disclosed recently):

Kalahari Resorts recently became aware of a possible security incident involving credit and debit card data reportedly used at our food & beverage, retail and spa outlets at our Wisconsin (1305 Kalahari Dr., Wisconsin Dells, WI 53965) and Ohio (7000 Kalahari Dr., Sandusky, OH 44870) sites. An investigation into this incident was immediately initiated. Our team, including third-party forensics experts, has been working continuously to understand the nature and scope of the incident. This investigation is ongoing. The incident has been contained and our customers can safely use payment cards at all Kalahari Resorts locations.

We believe that the intruder installed malicious software designed to capture data from certain credit and debit cards that were used at our resort outlets (such as restaurants, bars, retail and spa) between May 18, 2015 and November 9, 2015. The incident did not impact our hotel reservation or front desk systems, nor did it impact any transactions at our Pennsylvania resort. The incident could affect credit and debit card data, including card number, cardholder name, card’s expiration, and card verification code. However, we have not determined that any specific individual’s credit or debit card data was affected by this incident.

We take the privacy of personal information very seriously and deeply regret any inconvenience that this may cause our valued guests. We have been in contact with the U.S. Secret Service and will continue to fully cooperate with their investigation.

[…]

Click Here for Frequently Asked Questions

Kalahari did not disclose the number of affected consumers. They report learning of the problem in late October when they were “alerted” to the problem, but they do not indicate who alerted them and whether it was someone whose payment card information had been misused.


Related:

  • Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
  • Cyberattacks Paralyze Major Russian Restaurant Chains
  • #StopRansomware: Interlock
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
Category: Business SectorID TheftMalwareU.S.

Post navigation

← Computer company sues gaming establishment and its employees over alleged software theft
Anonymous claims to leak Paris climate officials’ data (UPDATED) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.