For the second time, the card-processing network was compromised On Monday, Hard Rock Hotel & Casino in Las Vegas disclosed data breach, after malware was discovered on their card processing system. This is the second time the casino has had to report such an incident.In a statement, Hard Rock said that on May 13, the resort started an investigation after receiving reports of fraudulent activity on cards used at their Las Vegas location. The investigators discovered unauthorized access to the card-processing network, and later discovered malware on the systems themselves.The malware targeted card details such as the customer’s name, card number, expiration date, and internal verification codes. In other instances, the malware only obtained card data, but no names.The breach timeline includes cards that were used at some restaurant and retail outlets between October 27, 2015 and March 21, 2016. It’s important to note, this incident only impacts the Hard Rock Hotel & Casino in Las Vegas. Last year, in May, Hard Rock disclosed a similar data breach that impacted payment cards.The compromised cards were used between September 3, 2014 and April 2, 2015, at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. Given that this is the second data breach under similar circumstances, it looks as if the clean-up on the first incident didn’t catch everything.Otherwise, the situation is worse from a security standpoint. This week’s disclosure could point to the fact that criminals were able to access the payment network a second time using the previous methods, or managed to find another way in.Either way, the incident shows that the network was clearly left vulnerable to some degree, and criminals exploited this fact in just over five months. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe