Affinity Gaming Credit Card, Debit Card System Hacked

Casino operator Affinity Gaming has joined the growing list of businesses dealing with malicious hacker attacks against credit card and debit card systems.

The Las Vegas-based company, which operates casinos in several U.S. cities, said customer credit and debit card information at all of its Casinos was compromised in a breach that occurred between March 14 and October 16.

The company described the issue as “an unauthorized intrusion into the system that processes customer credit and debit cards.” Affinity is urging all customers who visited its gaming facilities during the seven-month window to take urgent steps to protect their identities and financial information.

Affinity also acknowledged a separate hack into the system that processes credit and debit cards at its Primm Center Gas Station in Primm, Nevada.  “This intrusion began on an unknown date and it ended on November 29, 2013,” the company said.

From the company’s statement:  

On October 24, 2013, Affinity was contacted by law enforcement regarding fraudulent charges which may have been linked to a data breach in Affinity’s system. Affinity immediately initiated a thorough investigation, supported by third-party data forensics experts who determined the nature and scope of the compromise, and confirmed that Affinity’s system has been fully secured and that its customer payments are protected.  On November 14, 2013, Affinity posted notice of this incident on its website.

Affinity said its investigation determined that malware was used in the attack at its casinos in Nevada, Iowa, Missouri and Colorado. “Credit or debit card data was exposed at these locations between March 14th and October 16th of 2013,” the company warned.

Affinity did not say how many customers were affected by the breach.