Grand Casino Mille Lacs is latest to discover payment card malware


Grand Casino Mille Lacs says hackers used malware to collect payment card information from the casino's customers for nearly six months this year.

WCCO reports the casino estimated that 1,600 card transactions were accessed by the cyber thieves and fraudulent purchases have been made on some of the cards.

The casino in Onamia posted a notice about the security breach on its website, saying it learned in September that fraudulent charges were showing up on cards that had been used at Grand Casino.

The casino says it hired a firm to investigate and recommend new security measures, adding:

"Based on the investigation, we believe that an unauthorized person used malware to access certain payment card transactions that were made at Grand Casino Mille Lacs between April 24, 2014 and October 9, 2014. The information that may have been accessed includes customers' names, payment card numbers and card expiration dates. "

The casino does not have addresses associated with most of the cards, so it has not been able to contact the customers directly. People who used credit or debit cards at the casino are advised to contact their bank about any fraudulent charges they notice on their card.

Supervalu, Dairy Queen, Jimmy John's, and Home Depot are among the other retailers that have discovered security breaches in which thieves gained access to customers' payment card information.

It's been nearly a year now since the discovery of malware in Target's payment processing system, which ushered in the wave of data breaches.

KSTP notes that the year's worth of free credit monitoring the Minneapolis-based retailer offered to customers will expire soon. One cyber security expert says it'll be important for those customers to do their own monitoring of their credit reports because the threat does not disappear with time.

"Criminals will hang onto information. It doesn't go away. They may circle back to it one, two, even three years later. Don't go to sleep on this. It's still out there," John McCullough of Financial Crimes Services tells the station.

This embed is invalid

Next Up