A data security breach is being investigated at the Detroit Zoo gift shop.
Service Systems Associates, the third-party operator of concessions and retail services, is looking into a breach of their point-of-sale systems in gift shops at nine zoos throughout the United States, including the Detroit Zoo.
Malicious software was detected in SSA’s software, affecting purchases made at zoo gift shops between March 23 and June 25, 2015.
“We are obviously concerned that the vendor’s system was compromised,” said Gerry VanAcker, Detroit Zoo Chief Operating Officer. “Transactions made since June 26 are not affected by the previous breach, and it is safe to use a credit or debit card at SSA’s retail locations.”
SSA is working with an independent technology forensic expert to study the incident and prevent further issues.
The investigation started after authorities contacted the zoos about stolen credit card information.
When SSA learned of the breach, it installed a separate credit card processing system at its retail outlets.
In addition to credit and debit card numbers, the cyber hackers reportedly gained access to card holders’ names, card expiration dates and three-digit CVV security codes.
The Detroit Zoo IT systems, including those for ticket and membership sales, were not impacted by the data breach and are secure.