Wilderness Resort Provides Notice of Data Security Incident

WISCONSIN DELLS, Wis.–(BUSINESS WIRE)–Wilderness Resort officials today announced that a recent data incident
compromised the security of some of the Resort’s computer processing
systems. Guests who used their debit or credit card to pay for or place
hotel reservations or to make purchases at onsite food and beverage
outlets, attractions, and retail locations between March 9, 2015 and
June 8, 2015 could potentially be affected by this incident. The
security compromise, however, did not impact the Resort’s computer
system used to process online gift card purchases or the computer system
used to process purchases at off-site food and beverage locations –
including Field’s at the Wilderness, Sarento’s and Monk’s – or Sundara
Spa.

“We take the security of our guests’ personal information very
seriously, and want to sincerely apologize for any inconvenience this
incident may have caused any of our guests,” said Joe Eck, general
manager. “By working closely with third-party forensic investigators to
confirm the security of our systems, we are confident that our guests
can once again safely use their payment cards throughout our Resort.”

On October 8, 2015, Wilderness, with the help of third-party forensic
investigators, discovered an unknown person or persons had placed a
sophisticated malware on the Resort’s computer systems used to process
credit and debit cards. The Resort launched an in-depth investigation to
determine what happened and what information was affected. After
extensive investigation, forensic investigators determined that the
processing systems for the Resort’s reservation system, onsite food and
beverage outlets, attractions and retail locations were compromised. As
this investigation was being conducted, the Resort also implemented
additional security measures to prevent any further unauthorized access.
The malware, which was removed, may have compromised the security of
payment cards processed by the Resort between March 9, 2015 and June 8,
2015. The cardholder data that may be at risk as a result of this
incident includes name, card number, expiration date, and CVV.

The Resort is offering guests, who provided card information or who used
their card onsite during this time period, access to one free year of
credit monitoring. Guests can enroll in this complimentary service by
visiting the Resort’s website at http://www.wildernessresort.com.

Additionally, the Resort has established a dedicated assistance line for
anyone seeking more information regarding this incident. It can be
reached by calling 1 (855) 770-0004, 8 a.m. to 6 p.m. CST, Monday
through Friday. Callers should use reference number 7113111815 when
calling.

The Resort encourages everyone to remain vigilant against incidents of
identity theft by reviewing their account statements regularly and
monitoring their credit reports for suspicious activity. Under U.S. law,
everyone is entitled to one free credit report annually from each of the
three major credit bureaus. To order a free credit report, visit www.annualcreditreport.com
or call, toll-free, 1-877-322-8228. Individuals may also contact the
three major credit bureaus directly to request a free copy of their
credit report.

The Resort encourages everyone to take additional action to further
protect against possible identity theft or other financial loss. At no
charge, an individual can have the credit bureaus place a “fraud alert”
on their file that alerts creditors to take additional steps to verify
their identity prior to granting credit in their name. Note, however,
that because it tells creditors to follow certain procedures to protect
the individual, it may also delay the individual’s ability to obtain
credit while the agency verifies their identity. As soon as one credit
bureau confirms the guest’s fraud alert, the others are notified to
place fraud alerts on this person’s file. Should an individual wish to
place a fraud alert, or have any questions regarding his or her credit
report, they can contact any one of the agencies listed below.

An individual may also place a security freeze on their credit reports.
A security freeze prohibits a credit reporting agency from releasing any
information from one’s credit report without the consumer’s written
authorization. However, placing a security freeze on one’s credit report
may delay, interfere with, or prevent the timely approval of any
requests the individual makes for new loans, credit mortgages,
employment, housing, or other services.

If an individual has been a victim of identity theft, and he or she
provides the credit reporting agency with a valid police report, the
credit reporting agency cannot charge to place, lift or remove a
security freeze. In all other cases, a credit reporting agency may
charge a person a fee to place, temporarily lift, or permanently remove
a security freeze. The individual will need to place a security freeze
separately with each of the three major credit bureaus listed above if
the guest wishes to place the freeze on all of their credit files.

To find out more on how to place a security freeze, individuals can
contact the credit reporting agencies using the information below:

To obtain further education regarding identity theft, fraud alerts, and
the steps one can take to protect against identity theft and fraud,
individuals can contact the Federal Trade Commission or their state
Attorney General. For North Carolina residents, the Attorney
General can be contacted at 9001 Mail Service Center, Raleigh, NC
27699-9001, 1-919-716-6400, www.ncdoj.gov.
For Maryland residents, the Attorney General can be contacted at
200 St. Paul Place, 16^th Floor, Baltimore, MD 21202,
1-888-743-0023, www.oag.state.md.us.
The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue
NW, Washington, DC 20580, www.ftc.gov/idtheft/,
1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261. The Federal Trade
Commission also encourages those who discover that their information has
been misused to file a complaint with them. Further information on how
to file such a complaint can be gained by contacting any of the
reporting credit agencies listed above. Instances of known or suspected
identity theft should also be reported to law enforcement.

Contacts

For Wilderness Resort
Heidi Fendos
PR Counsel
414.778.0766
heidi@fendospr.com