Last month we wrote about how the popular Pennsylvania amusement park, Hershey Park, reportedly suffered a data breach. Now, the company is confirmed the attack, offering more information to those customers who may have been affected.
Officials with Hershey Entertainment and Resorts (HE&R) Company explained that an internal investigation has exposed evidence of a breach between February 14 and June 2 of this year. All aspects of their business, including Hotel Hershey, Hershey Park and Hershey Park Stadium, were compromised, though the company reported that purchases made after May 9 were less likely of being affected than those prior to that date.
According to Financial Buzz, the breach was discovered when a routine virus scan from the company's internal anti-virus software identified and eliminated a suspicious file in the payment system. Despite receiving fraud complaints from customers shortly thereafter, Hershey Entertainment claims that there is no evidence that the file removed any information from their systems, according to NBC Philadelphia.
"HE&R had security measures in place that were designed to prevent an unauthorized person from retrieving the file that contained the copied payment card data, however, HE&R has not been able to conclusively determine that these measures were not bypassed," the company said in a statement. They continued, saying that even though their existing security should have prevented the incident, the will work to further improve security with the help of an outside security firm.
HE&R is providing customers whose information was compromised in the breach with a free, one-year membership with a credit card security firm.
If you run a retail company and are in need of new payment processor software, be sure to contact 911 Software today!