PLANO, Texas, April 29, 2020 /PRNewswire/ -- Main Event Entertainment, Inc. ("Main Event") values the relationship we have with our customers and takes the security of payment card data very seriously. We are notifying our customers of an incident involving payment card data of some customers who made purchases at certain Main Event centers. This notice explains the incident, measures we have taken, and steps customers may consider taking as well.
We recently received a report from a third party suggesting there may have been unauthorized access to data from payment cards that were used at some Main Event centers. We immediately launched an investigation, and leading cybersecurity firms were engaged to assist.
On April 9, 2020, the investigation identified the operation of malware designed to access payment card data from cards used on point-of-sale (POS) devices for food and beverage purchases and entertainment activities (other than arcade kiosks) at some Main Event centers. The malware searched for payment card track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) as it was being routed through the payment processing systems. The malware was removed, and we have implemented enhanced security measures. In addition, we notified law enforcement and continue to support their investigation.
The focus of the investigation then turned to identifying the Main Event centers potentially involved and the timeframes when data from payment cards used at the locations involved may have been accessed. The investigation determined that not all Main Event centers were involved, and the specific timeframes when data from cards used at the centers involved may have been accessed vary by location over the general timeframe beginning July 19, 2019 through March 16, 2020. There is one location where access to card data may have continued through April 7, 2020. A list of the locations involved and specific timeframes is available on our website at https://www.mainevent.com/page/paymentcardincident. Payment cards used to make purchases on arcade kiosks in Main Event centers or through our website were not involved.
Of particular note, chip-enabled (EMV) technology was implemented on our food and beverage self-order kiosks prior to the incident, and this technology was also implemented on POS systems in all entertainment spaces (other than behind the bars) on a rolling basis starting in June 2019. For cards inserted into chip-readers, only card number and expiration date (and not the cardholder name or verification code) were potentially involved. There is no indication that other customer information was accessed.
It is always advisable for customers to review their payment card statements for any unauthorized activity and immediately report any unauthorized charges to their card issuer using the number provided on the back of the payment card.
We regret this incident occurred and sincerely apologize for any inconvenience.
For more information regarding this incident, customers may visit https://www.mainevent.com/page/paymentcardincident.
Media Contact
Email: [email protected]
SOURCE Main Event
Share this article