ELLICOTTVILLE – Anyone who used a credit or debit card at Holiday Valley Resort since last October may be a victim of a data security breach, according to the resort.
The breach spanned from Oct. 17, 2014, to June 2 at points of sale including food and beverage, recreation, retail and lodging, according to Dennis Eshbaugh, the resort’s president and general manager. Preliminary results of an investigation revealed malicious software – also known as malware – on a number of points of sale.
The malware has been removed, and steps were taken to prevent it from reoccurring, Eshbaugh said in a notice posted on the resort’s website.
Holiday Valley is offering one year of credit repair services, through AllClear Secure, to any guest whose credit was harmed. Information on AllClear Secure will be posted June 17 at holidayvalley.com.
Credit card issuers have been notified of the situation. The resort said that guests should contact their credit card issuer if they have questions or concerns.