Cyber Incident Victim: French Lick Resort

On January 13, 2015, the accounting department at Indiana-based French Lick Resort identified a potential compromise within the resort's payment card processing systems. Subsequent investigation revealed malware had infiltrated these systems, exposing payment card data from transactions occurring across all resort venues between April 23, 2014, and January 21, 2015. The resort publicly disclosed the breach on January 28, 2015, confirming that attackers potentially accessed customer names, credit/debit card account numbers, card expiration dates, and card verification values (CVVs). While the malware captured debit card information, forensic analysis found no evidence that encrypted PIN data associated with debit transactions was compromised. The exact number of affected individuals remained undetermined at the time of disclosure, as the resort had not completed its analysis of transaction logs spanning the nearly nine-month intrusion period.

French Lick Resort immediately isolated and eradicated the malware upon detection, securing its payment systems to prevent further data exfiltration. The organization initiated enhanced security measures, including network infrastructure upgrades, system hardening, and revised operational protocols designed to strengthen protection of guest information. All potentially impacted customers were offered complimentary identity protection and credit monitoring services to mitigate fraud risks stemming from the exposed payment card details. Chief Operating Officer Chris Leininger emphasized proactive victim outreach, stating the resort aimed to contact all at-risk guests to enable protective actions. An internal investigation continued to determine the malware's entry vector, duration of undetected activity, and full scope of data accessed, though no additional findings were disclosed publicly at the time of the initial announcement.