JC Resorts data breach compromised close to 6,000 individuals

Leading Southern California resorts group JC Resorts said unauthorised access to its computer systems in January compromised the personal information of close to 6,000 individuals.

 

The resort chain, which owns and manages twenty-two resorts, golf clubs and golf courses in Southern California, announced in a data breach notification filed with the office of the Attorney General of Maine that the data security incident was discovered and contained on January 19, 2026.

 

The hospitality company said that upon becoming aware of the unauthorised access, it quickly launched a response with help from outside cyber security experts to sever the unauthorised access, secure its network, and determine the nature and scope of the unauthorised activity.

 

The preliminary investigation determined that malicious actors had gained access to certain files stored in the company’s computer systems and copied those files on January 19. This prompted JC Resorts to launch a comprehensive review of the affected files to determine what information was taken and to whom did the information related to.

 

The company said that the recently-completed review determined that the compromised files contained customers’ names, Social Security numbers and other pieces of personal information. In its filing with the Maine Attorney General’s office, JC Resorts said the data security incident impacted approximately 5,942 individuals.

 

"JC Resorts is working to implement additional safeguards and training to its employees. JC Resorts is providing
access to credit monitoring services for 24 months, through Experian, to individuals whose personal information was potentially affected by this incident, at no cost to these individuals," the company said.

 

"As part of our ongoing commitment to the privacy of personal information, we have implemented additional safeguards to protect data in our care. We are working to review and further enhance these protections as part of our ongoing commitment to data security," it added.

 

The resort chain has also warned affected individuals to remain vigilant against incidents of identity theft and fraud by reviewing their account statements and monitoring their free credit reports for suspicious activity and to detect errors.