Vacationland Vendors, a supplier of arcade equipment and vending machines, announced at its website a major data breach affecting consumers who used their debit- credit-cards at the Wilderness Resort locations in Wisconsin or Tennessee during the period from December 12, 2008 to May 25, 2011. The company released very few details in its breach notice:
"Based upon its investigation to date, Vacationland Vendors reasonably believes that a computer hacker improperly acquired credit card and debit information. This incident did not involve an internal security issue within the Wilderness Resort."
While company did not disclose the number of consumers affected by the data breach, the Credit Union Times reported that an estimated 40,000 consumers were affected. Vacationland Vendors advises affected consumers to closely monitor their bank accounts for fraudulent charges, report any fraudulent charges to their bank, and then place a fraud alert on their credit reports.
Vacationland Vendors needs to do much more to help affected consumers, and explain more about its investigation, why the breach went on for so long -- over two years, and what the company is doing so another hack doesn't happen for so long a period.