OVERLAND PARK, Kan., Feb. 4, 2023 /PRNewswire/ — On or about July 28, 2022, CORE Cashless became aware of a compromise to its environment, which may have resulted in the inadvertent exposure of sensitive information of individuals who processed their payment card through the websites of certain CORE Cashless clients. CORE Cashless has worked diligently to determine what happened and what information was involved as a result of this incident. Unfortunately, these types of incidents are becoming increasingly common and even organizations with some of the most sophisticated IT infrastructure available are affected.
A third-party forensic investigation determined an unauthorized individual gained access to CORE Cashless’ network on or about January 29, 2022, which may have permitted the unauthorized individual to access information inputted into certain online payment portals maintained by CORE Cashless’ clients. The potentially compromised information may have included, but potentially were not limited to: names, addresses, email addresses, phone numbers and payment card information.
Despite the threat actor capturing such information, CORE does not collect, store or otherwise maintain customer data inputted into its clients’ web portals but acts as a “passthrough” service. As such, CORE requested that its potentially impacted clients provide information as to its online web portal customers for notification purposes. Notification letters were issued on behalf of CORE Cashless and its clients who responded to this request via US mail between December 2, 2022 and December 20, 2022 and via email between December 30, 2022 and January 9, 2023. The letters included additional information about what occurred, outlined the personal information that could have been exposed for that individual, and provided a toll-free number that individuals can call to learn more about the incident. The call center can be reached at (855) 504-9709 and is available Monday through Friday from 8:00 am to 5:30 pm Central time. As data incidents are increasingly common, CORE Cashless encourages you to always remain vigilant, monitor your accounts, and immediately report any suspicious activity or suspected misuse of your personal information.
CORE Cashless understands the inconvenience or concern that this matter may cause and remains dedicated to ensuring the privacy and security of the sensitive information of its clients’ customers.
Potentially Impacted CORE Cashless Clients:
Adventureland; APEX Boomers Livermore; Apex Parks Group, LLC, Boomers Irvine; Apex Parks Group, LLC: Big Kahunas; Apex Parks Group, LLC: Boomers Boca Raton; Apex Parks Group, LLC: Boomers Modesto; Apex Parks Group, LLC: Boomers Santa Maria; APEX SpeedZone LA; Arnold’s Family Fun Center, Valley Forge Promotions; Arnold’s Family Fun Center, Valley Forge Promotions: American Treasure Tour Museum; Baytowne Adventure Zone; Casino Beach Pier LLC; Centreville Amusement Park; Clementon Park Holding, LLC; Cliff’s Amusement Park; Como Town Amusement Park; Cowabunga Bay Las Vegas; Cowabunga Bay Waterpark, Utah; Enchanted Forest Water Safari; Fairytale Town; Fun Spot America, Kissimmee; Fun Spot American: Orlando; Fun Spot Atlanta; Funtasticks Tucson; Hawaiian Falls Mansfield; Hawaiian Falls Roanoke; Hawaiian Falls Waco; HOCO Entertainment & Resorts, Clifton Hill; Hurricane Alley, Ltd.; Indiana Beach; iT’Z Euless; iT’Z Houston; iT’Z Pasadena; Jenkinson’s South Inc.; Parrot Cove; Quassy Amusement Park; Shipwreck Island Water Park; The Amazing Pizza Machine; The Track Branson OpCo, LLC: The Tracks; The Track Branson OpCo, LLC: Xtreme Racing Branson; Waldameer; WaterWorks Park; Water-Zoo; White Post Farms; Wonderland Amusement Park, Inc.
SOURCE CORE Cashless