Atlantis, Paradise Island Resort Suffers Breach of Payment Card Data

Media Division | July 25, 2017

There are many different types of data stored within the digital realm that can be extremely valuable to cyber attackers, as they can use it for a wide range of malicious purposes. It really all depends on the type of data stolen as to how the attacker may use it. But, there is a purpose that is common to a large number of hackers, and that would be monetary gain, which is why financial data is, of course, a frequent target for cyber criminals. In a recent incident of this, the Atlantis, Paradise Island Resort was targeted in a cyber attack which led to customer payment data being stolen.

Details of the Breach

Atlantis is a large resort located in the Bahamas which is frequented by American tourists. According to reports, the resort’s credit card processor had alerted them to a potential security issue. They had then recruited the help of third party forensic experts to review the payment network, where they had discovered malware within the system. Individuals that had used their credit or debit cards at the resort between November 1, 2016, and April 3, 2017, may have had their card data compromised. Though, cards that were used for room reservations had not been affected. They say that the investigation is still ongoing, but the malware looks to have collected card numbers, expiration dates, and CVV codes, but customer names or PIN numbers do not appear to have been affected. The exact number of card numbers stolen in the attack is unknown. The malware seems to have only been able to steal card data from purchases made at a POS system, such as bars, restaurants, or gift shops at Atlantis, Paradise Island. Beverage and food purchases that were charged to the guest’s rooms were not affected as part of the attack. The immediate compromise appears to have been resolved, as the resort said in a statement, “The Resort has removed the malware at issue to contain this incident and implemented additional procedures in an effort to prevent any further unauthorized access to customers’ credit and debit card information.”

Aside from addressing the immediate problem within the system, it does not appear that the resort is doing much to assist those that may have been affected by the breach. In incidents like this, many organizations will offer credit monitoring services to those affected, but there does not appear to be any reports of the resort providing this to customers. An incident can become much worse when an organization begins to lose customers and business because of not fully taking responsibility for a breach, as it can ruin customer trust and reputation. This incident is quite bad for Atlantis Paradise Island, as it comes in the wake of an earlier data breach last year.

Detecting Threats with Cyber Security Monitoring

As we have mentioned before, one of the largest reasons that data breaches and cyber attacks are able to cause so much damage is because they often go undetected for months or years. This simply allows threats to sit within systems or networks and continue on with their malicious purposes, which is why cyber security monitoring is so vital. Comprehensive monitoring allows an organization to have much more awareness of their networks and systems, enabling them to detect any unauthorized access or anomalies. IT staff or a dedicated analyst can then receive alerts, and handle them if they turn out to be malicious. Massive Alliance’s cyber security monitoring services can help an organization to better protect their systems from threats and attackers.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.