Casino reports data breach
A casino in the region is investigating a data breach that may have affected tens of thousands of people.
Firekeepers Casino Hotel in Battle Creek announced last week that there was unauthorized access into its computer systems in April. The incident involved payment card information.
The casino said it immediately consulted independent IT forensic experts and law enforcement agencies. The investigation is ongoing.
Card and ID information
The security breach may have affected 85,000 credit and debit cards used between Sept. 7, 2014 and this April. The cards at risk were used for food, beverage and retail purchases.
Information that may be at risk includes card number, cardholder name, verification code and card expiration date.
The investigation also found there might have also been a breach in May to a file-storage server with the personal information of customers, employees and their dependents.
Information at risk could include Social Security numbers and driver’s license numbers. Investigators and Firekeepers have not found evidence of unauthorized access or misuse of the personal ID information.
Those not affected
Cards processed since April 26 have been processed securely.
Cards used for hotel reservations, cash advances and ATM transactions are processed on a separate system and were not affected.
Members of the Red Hot Rewards Club database were not affected.
People potentially affected by the breach will receive informational letters and resources and are encouraged to call (855) 861-4021 with questions.
Firekeepers is also offering free credit monitoring and identity protection services through AllClear ID via firekeepers.allclearid.com.
Firekeepers customers are encouraged to monitor their credit and debit card accounts, as well as contact their banks if they notice suspicious activity.
Firekeepers said it has taken steps to prevent similar events, including installing new payment card processing equipment.
The casino also increased its firewall protections and implemented a two-factor authentication for its computer systems.