How's this for a bad trip: You get home from a wonderful, relaxing vacation with your family only to find out someone stole your credit-card information.
For the 40,000 people who've visited the Wilderness Hotel & Golf Resort in Wisconsin Dells, Wis., or the Wilderness at the Smokies resort in Sevierville, Tenn., in the past three years, that's the unfortunate reality, the security firm Sophos reported.
Wilderness Resorts, which owns both vacation spots, confirmed that a hacker accessed point-of-sale transaction systems used to process customers' credit- and debit-card information.
The breach affects anyone who visited either resort from Dec. 12, 2008, to this past May 25, when the security breach was discovered.
In its official notice to customers, Vacationland Vendors, which manufactures Wilderness Resorts' point-of-sale devices, apologized for the breach.
"The incident did not involve an internal security issue within the Wilderness Resort," the apology clarified.
Vacationland Vendors did not provide any information about how the hack occurred, but said the company "has learned that other businesses just like its own have been affected by this computer hacker."
Vacationland Vendors advised people who fear their credit card was stolen to alert their banks and to place fraud alerts on their consumer credit files, which alert creditors to keep an eye out for suspicious account activity.
Wilderness Resorts is the latest in a growing list of companies and organizations, including Yale University, Purdue University and Stanford University Hospital, who've been hit by hackers and data breaches this year.
The government is taking notice; Sen. Richard Blumenthal, D-Conn., last week introduced the Personal Data Protection and Breach Accountability Act of 2011, which would force companies that hold online information for more than 10,000 people to comply with strict guidelines to ensure that data is stored properly.