Las Vegas’ Hard Rock casino hit by carders

Las Vegas’ popular Hard Rock Hotel and Casino has been hit by carders, who took off with names, card numbers, expiration dates, and CVV codes (but not PIN numbers or other information) of customers who used their payment cards at several locations within the property.

“This criminal attack was limited to credit or debit card transactions between September 3rd, 2014 and April 2nd, 2015 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon,” the company has shared in a statement posted on their website during the weekend.

Not much detail has been offered about how the breach happened, but it’s likely that POS malware has been installed at the affected locations.

The company “contained” the attack on April 2, but they don’t say whether they have detected the attack themselves or they have been notified of it by banks or payment processors. Law eforcement has been notified about the breach, and a breach notification email has been sent to affected customers (number still unknown).

The latter have been advised to review their credit and debit card statements and report any suspicious activity to their bank, as well as to take advantage of complimentary fraud resolution and identity protection services the company is offering.