Zoo And Museum Gift Shop Operator Confirms Details Of Payment Data Breach

Back in July, we shared the news that there was a possible payment data breach at numerous zoo and museum gift shops run by Service Systems Associates, a company that designs and runs cafeterias and gift shops for cultural institutions. The company has finally confirmed the breach and the dates that it happened: if you picked up a stuffed lion between March 24 and May 20 of this year, keep an eye on your credit card bills.

Here’s the list of institutions that were affected:

  • Dallas Zoo
  • Detroit Zoo
  • El Paso Zoo
  • Fresno Chaffee Zoo
  • Herman Park Conservancy
  • Honolulu Zoo
  • Houston Zoo
  • Zoo Miami
  • Tampa’s Museum of Science and Industry
  • Pittsburgh Zoo & PPG Aquarium.

SSA says that customers’ credit card numbers and names were compromised in the attack, which used malware to scoop up customer information. The company says that it has since secured its systems, removing keyboard-based card readers and making remote access to payment systems more difficult.

The company is offering the perfunctory one year of credit monitoring, which won’t really do you much good once your information has already been breached. If you happen to have used your card at one of these gift shops, keep an eye on your statements and check your credit report regularly as well.

Current Details on Service Systems Associates, Inc. Data Breach [Statement]