Hard Rock Hotel & Casino Las Vegas is reporting that malware may have allowed criminal hackers to steal information related to credit or debit cards used at certain retail and service locations at the property between September 3, 2014, and April 2, 2015.
The information potentially affected includes names, card numbers, and CVV codes but does not include PIN numbers or other sensitive customer information, the property said in a statement explaining the situation. Hard Rock Hotel & Casino Las Vegas is actively cooperating with law enforcement and credit card companies to investigate this criminal attack.
The attack, which Hard Rock discovered on April 3, was limited to credit or debit card transactions between September 3, 2014, and April 2, 2015, at restaurant, bar and retail locations at the Hard Rock Hotel & Casino Las Vegas property, including the Culinary Dropout Restaurant. The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon.
Upon discovering the security issue Hard Rock immediately engaged outside information security experts to investigate and implement additional security measures, the property said. The company is offering identity protection services to potentially affected customers in order to safeguard against any misuse of customer information.
More information on the incident and how customers can activate protection services is available at www.hardrockhotel.com/statement.