Newsroom
May 04, 2015
Hard Rock Hotel & Casino reveals data breach
The Hard Rock Hotel & Casino Las Vegas announced last week that some consumers' credit and debit card information may have been hacked at some of its retail and service locations.
In its statement, Hard Rock said the breach potentially affected consumers' names, card numbers, CVV codes, but not PIN numbers "or other sensitive customer information."
The hotel and casino said the breach occurred from Sept. 3, 2014, to April 2 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. It did not affect transactions made at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon, the statement said.
In related news, Sally Beauty Holdings Inc. said it is investigating reports of unusual card activity at some of its U.S. stores, according to KrebsonSecurity.com. Just last year, Sally Beauty confirmed a breach of its network that impacted most of its 2,600-plus locations nationwide. Also reported this month, point-of-sale maker Harbortouch disclosed a breach that involved some of its restaurant and bar customers. Krebs reported that the breach may have impacted more than 4,200 of its customers nationwide.
On Friday, NAFCU President and CEO Dan Berger urged member credit unions to reach out to their lawmakers and seek their support and cosponsorship of H.R. 2205 and S. 961, which would set national standards for merchant data security and lead to enhanced member data protections.
The two bills, both titled the "Data Security Act of 2015," would set national data security standards for merchants, outline a process for breach notifications and recognize financial institutions' compliance with the Gramm-Leach-Bliley Act's information security requirements. Berger testified in favor of such legislation last month during a hearing of the House Small Business Committee.
In its statement, Hard Rock said the breach potentially affected consumers' names, card numbers, CVV codes, but not PIN numbers "or other sensitive customer information."
The hotel and casino said the breach occurred from Sept. 3, 2014, to April 2 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. It did not affect transactions made at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon, the statement said.
In related news, Sally Beauty Holdings Inc. said it is investigating reports of unusual card activity at some of its U.S. stores, according to KrebsonSecurity.com. Just last year, Sally Beauty confirmed a breach of its network that impacted most of its 2,600-plus locations nationwide. Also reported this month, point-of-sale maker Harbortouch disclosed a breach that involved some of its restaurant and bar customers. Krebs reported that the breach may have impacted more than 4,200 of its customers nationwide.
On Friday, NAFCU President and CEO Dan Berger urged member credit unions to reach out to their lawmakers and seek their support and cosponsorship of H.R. 2205 and S. 961, which would set national standards for merchant data security and lead to enhanced member data protections.
The two bills, both titled the "Data Security Act of 2015," would set national data security standards for merchants, outline a process for breach notifications and recognize financial institutions' compliance with the Gramm-Leach-Bliley Act's information security requirements. Berger testified in favor of such legislation last month during a hearing of the House Small Business Committee.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.