GLENS FALLS, N.Y. -- It seems hackers found their way into a database housing information on a number of customers at local theaters.
Vendini, based out of California, notified its customers-- but waited two months to do so - per a request by the FBI.
"A full-scale, internal investigation is under way at Vendini with outside computer forensic and cyber security experts. Although our internal investigation is ongoing, we believe that in late March, a third-party criminal actor used hacking technologies to access our databases and may have accessed personal information, such as name, mailing address, email address, phone number, and credit card numbers and expiration dates that belong to our members' consumer-patrons. It is important to note we do not collect credit card security access codes (e.g., CVV, CVV2, PINs), information that is typically needed to complete a credit card transaction. Consumer-patron usernames or passwords were not accessed by the intruder," said Vendini, in a statement posted online.
Erin Coon with the Charles Wood Theater in Glens Falls said they got to their customers early after receiving notice of the breach, and have heard of only one customer's account being affected.
Coon says while they have always had tight credit card security, but they are still reviewing security procedures to see if any elements can be stepped up.
"We don't record any credit card numbers just last four digits on card, or even collect digits on back," she said.
Home Made Theater in Saratoga Springs was also affected by the breach.
Customers who may have used cards at any of the local theaters are asked to review their credit card statements, and if they see anything out of the ordinary to contact the NY Attorney General's Office at 1-800-771-7755.