Hard Rock Hotel warns guests of data breach

The Hard Rock Hotel said a malware attack may have allowed hackers to steal credit card information used at its retail and service locations.

The potential breach may have included names, credit card numbers and their CVV security codes but not PIN numbers or other sensitive customer information, the company said in a statement on Friday.

The attack, discovered on April 3, was limited to credit or debit card transactions between Sept. 3, 2014 and April 2, 2015, at the company’s restaurant, bar and retail locations, including the Culinary Dropout Restaurant.

Transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon were not affected, company officials said.

The company said it is actively cooperating with law enforcement and credit card companies to investigate the attack.

In the statement posted on the Hard Rock website, Jody Lake, Hard Rock chief operating officer, advised customers to review their credit and debit card statements and report any suspicious activity to their banks. Lake said customers usually have no liability for unauthorized charges that are reported in a timely manner.

Lake that Hard Rock has enlisted Experian, the largest credit bureau in the U.S., to offer affected customers complimentary Fraud Resolution and identity protection for one year .

Lake also encouraged customers to activate fraud detection tools at ProtectMyID Elite. People can email hardrockhotel@protectmyid.com to request an activation code. After receiving the code, users can activate ProtectMyID Elite at www.protectmyid.com/protect.

People who have questions or need an alternative to enrolling online can call 888-829-6551 and provide Engagement #: PC93826.

Lake said customers with questions or concerns can contact Hard Rock at 888-829-6551.

The Review-Journal contributed to this report.