Those who purchased passes to Maine State Parks online last year may have had their credit card information fall into the wrong hands, according to WCSH5.com.
Maryland-based InfoSpherix, a subsidiary of San Diego-based Active Network in charge of the online state park pass purchases, suffered a cyber attack that may have exposed cards used in transactions from March 21 to Dec. 22, 2010, The Associated Press reported.
So far, there is no evidence of fraudulent charges on any of the cards, and the Department of Conservation has notified 970 credit card holders in Maine.
“In essence though, we were also the victim of it and it was up to the vendor to notify all the card holders who might have used the site,” said Jeanne Curran, the department’s spokeswoman. “Since then, the site has been taken down and we’re working with another vendor to create a better safer site.”
Assistant Attorney General Thom Harnett told AP, the problem could expand beyond the state because hackers managed to breach several servers containing credit card numbers and expiration dates. Names associated with those cards, however, were kept on another server, he said.