Hackers breached two computer stations owned by Vacationland Vendors of Wisconsin Dells, placing about 40,000 credit or debit card users at risk of theft.
The computers were at the Wilderness Resorts in Lake Delton and Sevierville, Tenn, where Vacationland Vendors operates the arcades. The company owns and operates 11 arcades and has been in operation 30 years. Vacationland Vendors is one of the Gussel family's businesses, which also include Holiday Wholesale as well as convenience stores and Dunkin Donut franchises.
A notice on the Vacationland Vendors web site says, "Based upon its investigation to date, Vacationland Vendors reasonably believes that a computer hacker improperly acquired credit card and debit information. This incident did not involve an internal security issue within the Wilderness Resort. Vacationland Vendors has learned that other businesses just like its own have been affected by this computer hacker."
Evan N. Zeppos, of the public relations firm, Zeppos & Associates, which is handling publicity about the breach, said the company was alerted to the breach by calls from one or two customers. The breach occurred on March 22.
No other computer systems in the Vacationland Vendors system with credit card information have been breached by hackers, Zeppos said.
Zeppos said when Vacationland learned of the breach, it called in forensic experts to look at the rdata in the system.
"Once we became aware of the breach, we immediately shut down the credit card system and took it offline April 1," Zeppos said.
Since then, the company has upgraded its security on the computer system. "We . . . believe we now have the highest level of security."
Although 40,000 credit or debit card users data was stored, Zeppos said it is believed that fewer than 20 individuals were impacted.
He suggested that anyone who used who used credit or debit cards at one of the affected arcades from Dec. 12, 2008 to May 25, 2011 should check their credit card statements for any unusual activity. Paying close attention to credit and debit card statements is a good thing to do. Saying he does not want to make excuses for the company, he encouraged customers to be diligent and vigilant for illegal use of their cards.
Heidi Fendos, public relations director for Sprecher Bertalot of Milwaukee, which handles public relations for the Wilderness resorts, said customers who used credit or debit cards at the resorts are being asked to carefully check their credit card statements.
"When they made our resort aware of the breach to one of their credit card stations in our Wild West Mega Arcade, we had them immediately cease all credit card activity in their leased area," Fendos said.
"Our resort wants to make it clear that the Wilderness Resort's credit card system was never compromised at any time during this situation with Vacationland Vendors' credit card station," Fendos said.
Vacationland Vendors continues to lease and operate the arcades at Wilderness, but the area is cash-only now. Credit cards are no longer accepted.
Zeppos said Vacationland is trying for broad dissemination of the information about the threat and has information on its web site, www.vactionlandvendors.com about what to do. The site says to do the following:
■ Watch for any unusual activity on your bank statements, credit card account or suspicious items on your bills.
■ Contact any of your credit card issuers, banks or credit unions, and inform them of this incident.
■ Place a fraud alert on your consumer credit file. A fraud alert instructs creditor to watch for unusual or suspicious activity in your accounts, and provides creditors with notice to contact you separately before approving an extension of credit. To place a fraud alert, free of charge, contact one of the three national credit reporting agencies listed below. You do not need to contact all three; rather, the agency that you contact will forward the fraud alert to the other two agencies on your behalf.
The national credit reporting agencies are Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069, 1-800-525-6285, www.equifax.com; Experian, 1-888-397-3742, www.experian.com; and TransUnion, Fraud Victim Assistance Dept, P.O. Box 6790, Fullerton, CA 92834, 1-800-680-7289, www.transunion.com, fvad@transunion.com.
Information about personal identity theft and fraud may be obtained from the Federal Trade Commission at www.consumer.gov.idtheft or by calling 1-877-ID-THEFT
Zeppos said if individuals have additional questions they can send an e-mail to info@vacationlandvendors.com.
Source