Cyber Incident Victim: Union League Club

The Union League Club of Chicago, a prominent social club, discovered a security breach involving customer credit card information on March 5, 2016. An internal investigation revealed that an employee had used specialized computer software to access payment card data from the magnetic stripes of cards used at the establishment. The compromised data included cardholder names, card numbers, and expiration dates. The club terminated the implicated employee upon discovering the unauthorized activity and initiated cooperation with the Federal Bureau of Investigation (FBI) to address the incident. The breach affected customers who had used credit or debit cards at the club between December 10, 2015, and March 2, 2016, a window of nearly three months during which the employee operated the scheme.

On May 3, 2016, the Union League Club publicly disclosed the breach through a statement posted on its website, urging affected customers to monitor their financial accounts for suspicious activity. The club characterized the incident as involving "data found in the magnetic stripe of payment cards," confirming the exposure of core cardholder information. Independent reporting by Crains Chicago Business identified the breach method as keylogging, though the club's statement did not specify the exact technical mechanism. The Union League Club emphasized its ongoing collaboration with law enforcement and cybersecurity professionals to investigate the full scope of the incident. Customers were advised to remain vigilant for potential fraudulent transactions stemming from the compromised data, though the club did not disclose the total number of impacted individuals or whether non-financial personal information was accessed. No additional remediation measures beyond heightened monitoring were detailed in the available reports.