If you've visited the Hard Rock Hotel in Las Vegas in the last year, then you'll want to keep an eye on your credit card statements. The hotel is notifying customers after an ongoing breach that started in October of 2015, and lasted through March of this year.
"On May 13, 2016, the investigation identified signs of unauthorized access to the resort's payment card environment. Further investigation revealed the presence of card scraping malware that was designed to target payment card data as the data was routed through the resort's payment card system," a statement reads.
Officials with the Hard Rock Hotel & Casino said that people who dined at restaurants or shopped in stores during the time period should remain vigilant. The Hard Rock confirms that in some instances the malware was able to pull card numbers, cardholder names, expiration dates, and internal verification codes. In other cases the information did not include cardholder names.
This isn't the first time something like this has happened at the Hard Rock. In a very similar case, credit card details were exposed during an 8-month period in 2014 through the spring of 2015. Like the current case, customers who visited restaurants, bars, and shops were all notified. The breach happened due to, wait for it... card scraping malware.
The Hard Rock joins a long list of others including Target, Michaels, and Neiman Marcus that have all been hit with point of sale (POS) attacks. Security experts have warned retailers to beef up security, but upgrading to more secure platforms is not cheap. Then again, a data breach is anything but cheap, especially if it keeps happening.