Cyber Incident Victim: Firekeepers Casino Hotel
Date:
Sep 2014
Location:
United States of America
Summary
A cybersecurity breach at FireKeepers Casino Hotel compromised approximately 85,000 patrons' credit and debit card details, including card numbers, names, verification codes, and expiration dates from point-of-sale systems. The incident also involved potential unauthorized access to a separate file server containing personal information such as Social Security numbers, driver's license details, and health benefit data of employees and customers, though no evidence of misuse was identified. The casino contained the breach, implemented enhanced security measures including payment system upgrades and two-factor authentication, and offered affected individuals complimentary credit monitoring services. Financial transactions processed through isolated systems, including hotel reservations and ATM usage, remained unaffected.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In July 2015, FireKeepers Casino Hotel disclosed a cybersecurity incident affecting approximately 85,000 patrons who used credit or debit cards for food, beverage, or retail purchases on its property between September 7, 2014, and April 25, 2015. Compromised information included card numbers, cardholder names, verification codes, and/or expiration dates. The casino confirmed the breach had been contained by April 26, 2015, with payment card transactions processed securely from that date onward. Systems handling hotel reservations, cash advances, ATM transactions, and the Red Hot Rewards Club database remained unaffected due to separate processing infrastructure. During a subsequent investigation in May 2015, FireKeepers discovered potential unauthorized access to a file storage server containing Social Security numbers, driver’s license numbers, health benefit selections, and medical billing information for current/former employees and their dependents. Forensic investigators found no evidence of actual access or misuse of this sensitive personal data.
FireKeepers responded by implementing new payment card processing equipment across all transactional areas and enhancing system security through firewall upgrades and two-factor authentication. The organization notified affected individuals via direct mail and established a dedicated phone support line. It offered complimentary credit monitoring and identity protection services through AllClear ID, providing enrollment instructions via a dedicated website. Patrons were advised to monitor their financial accounts for suspicious activity and contact their banks if irregularities occurred. The casino emphasized ongoing security improvements while maintaining that patron loyalty program data and segregated payment systems were never compromised during the incident.