So, in today's mail I received a letter from WDW Resort alerting me that my credit card account info may have been exposed to an unauthorized person during my stay at WDW Resort.

Please feel free to move this post if it isn't in the correct forum.

The letter states that in Dec 2009 WDW was informed by law enforcement that they received reports of credit card fraud regarding individuals who had recently stayed at two WDW resorts. WDW immediately took action & discovered an unauthorized device on a front desk check-in terminal at one of the two resorts, which apparently was used to capture guests' credit card info when the cards were processed during check-in. Info may include the card numbers, exp date, CCV code, and quite possibly the card holder's name, address, & telephone number associated with the account.

Law enforcement investigated & identified a former employee who worked at the front desk at both resorts (FYI: the resorts are NOT named in the letter). The former employee entered a plea agreement admitting that she placed the devices on front desk terminals at one of the resorts during the period of Sept 2009 to Dec 2009.

WDW states in the letter that they don't believe that all registered guests who presented credit cards were affected, but as a precaution they are notifying all guests of the incident.

:jaw: :eek:

Wow. Just...wow.

For what it's worth: one of those resorts had to be OKW because that's where I stayed Sept 2009. Again, the letter doesn't name the resorts. And as for my credit card info: I did online check-in, so I didn't present a credit card when I received my packet (I don't believe I did). I'm pretty certain I was asked for just my driver's license.

WDW does not appear to be offering any kind of credit monitoring service at this time.

For some reason I can't edit my original post but: I stayed at OKW in Sept 2009 and POFQ in Nov 2009. But again, I used online check-in for both resorts.

I think I read there was a worker or something that was caught. Maybe a few pages back in the posts.

Dang, I'll have to read through the posts. The letter I got this morning was the first I had heard about this.

Yep, there is a case/prosecution against a resort worker who stole credit card information from several guests, over a period of 9 months. She worked at a few properties in the front desk position. She "sold" the credit card info to "some guy" for a fee of $500/month. :rolleyes:

Luckily, MOST credit card companies have built in fraud protection and you will not be held responsible for unauthorized charges. I feel badly for the people who used bank debit cards (check cards). Those funds are probably long gone and very difficult to get back.

I'm not sure Disney ever offers free credit monitoring after such incidences.

A few years ago I received a similar letter in the mail regarding my account with Disney Movie Club. They were merely offering me a "courtesy" notification that my credit card info may or may not have been stolen. I was surprised monitoring wasn't offered considering it was their security breach. Over the lat several years we've had sensitive material "stolen" and/or "lost" and the other companies all offered a year of monitoring.

It could very well have been at Old Key West. Here's the article:


. Disney worker admits stealing resort guests' credit card numbers
Prosecutors put the loss at more than $83,000By Susan Jacobson Orlando Sentinel

Updated: 4:37 p.m. Friday, June 4, 2010

Posted: 4:36 p.m. Friday, June 4, 2010


Guests of two Walt Disney World resorts got an unpleasant surprise when their credit-card numbers were stolen and used to buy tens of thousands of dollars worth of goods they did not authorize, federal court document show.

Ana Rosa, a former front-desk clerk at Saratoga Springs Resort & Spa and Disney's Old Key West Resort, faces prison after reaching a plea agreement in which she admitted her role in the scheme.

Federal prosecutors say the Orange County woman bilked 178 people, 32 banks and credit-card issuers and four vendors out of more than $83,000.

A detective in December found a small device that scans card numbers attached to one of the front desk computers at Saratoga Springs. Rosa, 40, admitted putting it there in November, according to the plea agreement.

Rosa was charged with possessing at least 15 devices that stole customers' credit-card information between September and Jan. 7. She was prosecuted in federal court because many of the transactions were routed to other states, and many of the defrauded banks and card issuers are not in Florida, documents state.

A search of Rosa's home in January yielded scanning devices, computer equipment and a notebook with Social Security numbers written in it, charging documents show. Found under Rosa's mattress was a print-out with 77 credit-card numbers from 25 card issuers, authorities said.

Rosa told investigators that a friend introduced her to a man at an auto-repair shop who gave her a scanning device and $400 to buy more of them. He told her where to put the device on her work computer at Saratoga Springs, she told investigators. She said she put at least three on her work computers.

Rosa said the man paid her $500 in October for bringing him scanners with the downloaded information but did not pay all he promised. She admitted downloading information from one of the devices to er computer and claimed she was going to use it as leverage to get the rest of her money.

Rosa pleaded guilty to two charges: fraud and related activity in connection with credit card, and aggravated identity theft. The first charge carries a maximum sentence of 10 years in prison and a fine of $250,000. The second charge carries a maximum of two years and $250,000.

She also must forfeit all property she obtained through proceeds from the scheme.

The Orange County Sheriff's Office started receiving complaints in September that credit-cards numbers had been stolen from patrons of Saratoga Springs and Disney's Beach Club resorts, even though they still had their cards.

In November, Citibank told law officers that nine cardholders who had stayed at Saratoga Springs complained about unauthorized charges. In December, Chase bank reported that 88 cardholders who had stayed at Saratoga Springs and Old Key West resorts between Aug. 31 and Sept. 30 had been victimized.

Rosa agreed to cooperate with the government in its prosecution of others involved in the case

Thanks for the info, everyone. I can't believe I missed the original story :blush:.

I got my letter yesterday too. We stayed at Saratoga Springs in October 2009. Good thing I documented my trip report so weel that I put the names down of almost all the cast members we met. We too did online check-in and we were never serviced by "Rosa".

Geez.