Callaway Gardens credit, debit card records breached

benw@ledger-enquirer.comMay 25, 2013 

A Callaway Gardens official said it is unknown how many guests may be affected after its credit card security system was compromised over the last eight months.

"We have just started a more in-depth investigation so the number of accounts have not been determined yet," said Rachel Crumbley, a spokeswoman for the resort in Pine Mountain.

Crumbley said Saturday a breach in its credit card security system started in early September and lasted until Thursday when a credit card processing company identified multiple companies, including Callaway Gardens, with fraudulent credit card activity.

"In our team's immediate investigation, fraudulent malware was detected, contained and removed," said Barry Morgan, CFO of Callaway Gardens. "Guests are encouraged to review and monitor their electronic credit and debit card statements for fraudulent charges."

If you were a guest before Friday and noticed any unauthorized credit card ac

tivity, you should promptly contact your financial institution.

"We wanted to alert all of our guests as quickly as possible to make sure they take any necessary corrective and protective actions," Morgan said. "And, with large crowds anticipated for this weekend's Memorial Day Weekend Festival, we want to reassure guests that our systems have been secured and are being monitored closely."

The malware in the system at the resort collected financial information from card users. An investigation is underway at Callaway Gardens and by law enforcement authorities.

"As soon as we got wind of it, we informed our guests," Crumbley said. "I was told it could take days, weeks or months when the investigation is completed."

Until that time, guests are encouraged to review their electronic credit card and debit card statements for fraudulent charges.

Crumbley said Callaway Gardens was using the best business practices available in computer security technologies when the breach occurred. Officials now have top experts in the field of computer forensics to assist in the investigation and to recommend additional security measures as needed.

Crumbley said emails were sent to guests about the breach. Information also was sent out on Facebook and Twitter. Officials also have notified four credit card companies, American Express, Visa, MasterCard and Discover and the three major U.S. credit reporting agencies about the incident.

Guests may also contact the credit reporting agencies to check their credit reports. Free reports are available at, or by calling 877-322-8228, or completing the Annual Credit Report form on the Federal Trade Commission website at

Ledger-Enquirer is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service