On July 13, 2015 the Organization?s intrusion detection system identified potential malware activity on 3 servers. The Organization initiated an investigation and hired a third party forensic investigator. The investigation determined the incident involved malware that targeted data on the server between April 21, 2015 and July 27, 2015. The forensic investigators concluded that there was no direct evidence that the payment card information was removed or taken. The Organization was notified on November 19, 2015, by a payment card company that potentially fraudulent activity had been noted with respect to payment cards used at Organization properties between February 10 and November 19, 2015. The Organization has not identified any complaints as a result of the incident from Canadian individuals.