Very bad, so much so that even Sands itself is uncertain of the full extent of the damage. It took more than two weeks after the Feb. 11 cyber-assault for Sands to confirm that "legally protected customer" data, affecting a number of people "in the mid five-figure range" had been plundered. Sands tried to soften the blow by saying this represented "less than 1% of our total visitation" to Sands Bethlehem, but the company couldn’t ascertain yet whether credit card information had been stolen. Its mailing database ("similar to what any direct-marketing firm would use for promotional purposes") was filched and company data may have been destroyed.
So, if you’re a Sands Bethlehem patron, the hackers may have gained access to your Social Security number, passport number, bank-account number, driver’s license number, etc. And while Sands has tried to maintain a brave front, it’s also been forced to revise its assessment of the damage several times since Feb. 11 -- and the news invariably gets worse.
To Sands’ credit (pun unintended) it has set up consumer-protection measures with Experian Consumer Services, Equifax, and TransUnion. If Sands Bethlehem determines that your personal data has been compromised (a notification letter will be sent), call 1-866-579-2213 to activate a complimentary, one-year Experian membership. "We alert you to any key changes to your credit report," says an Experian staffer, adding that dubious transactions will be referred to a dispute team. Also, Sands is continually updating the "look-up list" of affected customers. You are only eligible for the service if you have been notified by, and received a validation number from, Sands.
We found Experian to be swift and congenial – and applaud Sands for underwriting what could be very many Experian memberships – each with $1 million in identity-theft insurance. If you have further questions, visit sandsinfo.com/index.html. "We are taking every precaution to ensure this type of incident will not occur again and to protect identified customers affected by the data breach," the company promises, adding, "At this time, we have no reports of any fraudulent activity related to the data breach … Be on the lookout for phishing schemes, and do not provide any sensitive information to unsolicited requests claiming to come from financial institutions or Sands Bethlehem."
