[BreachExchange] Hard Rock Las Vegas suffers a second data breach

Inga Goddijn inga at riskbasedsecurity.com
Tue Jun 28 17:06:18 EDT 2016


http://www.csoonline.com/article/3089449/security/hard-rock-las-vegas-suffers-a-second-data-breach.html

On Monday, Hard Rock Hotel & Casino in Las Vegas disclosed data breach,
after malware was discovered on their card processing system. This is the
second time the casino has had to report such an incident.

In a statement, Hard Rock said that on May 13
<https://www.hardrockhotel.com/statement>, the resort started an
investigation after receiving reports of fraudulent activity on cards used
at their Las Vegas location. The investigators discovered unauthorized
access to the card-processing network, and later discovered malware on the
systems themselves.

The malware targeted card details such as the customer's name, card number,
expiration date, and internal verification codes. In other instances, the
malware only obtained card data, but no names.

The breach timeline includes cards that were used at some restaurant and
retail outlets between October 27, 2015 and March 21, 2016. It's important
to note, this incident only impacts the Hard Rock Hotel & Casino in Las
Vegas.

Last year, in May, Hard Rock disclosed a similar data breach that impacted
payment cards.

The compromised cards were used between September 3, 2014 and April 2,
2015, at restaurant, bar and retail locations at the Hard Rock Hotel Las
Vegas property, including the Culinary Dropout Restaurant.

Given that this is the second data breach under similar circumstances, it
looks as if the clean-up on the first incident didn't catch everything.

Otherwise, the situation is worse from a security standpoint. This week's
disclosure could point to the fact that criminals were able to access the
payment network a second time using the previous methods, or managed to
find another way in.

Either way, the incident shows that the network was clearly left vulnerable
to some degree, and criminals exploited this fact in just over five months.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160628/7bfa75f1/attachment.html>


More information about the BreachExchange mailing list