The number one issue facing the casino industry and most consumer-service industries right now is without a doubt PCI certification. The Payment Card Industry is a data security standard designed to secure all companies that accept, store, and transmit credit cards. Thanks to the rapidly-advancing digital age, we are now able to collect more information than ever before through a simple swipe of a credit card. However, along with the advantage of being able to collect and use this information to grow our business comes the tremendous responsibility of securing this sensitive data from relentless and highly-skilled hackers.
By now, most of us have experienced at least one data breach scenario as customers of major corporations. We’ve received those dreaded emails and or printed letters from longstanding retailers, restaurants, even non-profits, and health care service providers we’ve trusted letting us know information we willingly submitted to them has been compromised. It’s an uneasy feeling for the company to make that type of public announcement, and equally disconcerting as well for the customer.
Affinity Gaming, unfortunately, has not been immune to these data breaches. Shortly before I took over my current role as CIO and VP—IT, the company experienced not one, but two data breaches. In May 2014, Affinity found evidence of a hack on the casino debit and credit card system for non-gaming purchases, which impacted customers who paid for items such as hotel rooms, food and drinks and services. Prior to this in December 2013, Affinity also discovered that its Oracle Micros Point of Sale System had been infected with malware—compromising consumer credit card information. After these two back-to-back incidents, we realized we could no longer afford to not invest in the proper technology to protect our business and our most important assets—our customers!
To read the original press release, click here.