Globe: Data Theft Reported By Boston Convention Attendees

About 300 people who attended two conventions in Boston this fall reported that their credit card information was stolen and used to make fraudulent purchases.

Both conferences were held at the Boston Convention & Exhibition Center, and many victims say they had used their credit cards in Seaport District restaurants and bars. The credit card information theft has been reported to police.

Around 100 of the 13,000 people who attended the American Public Health Association convention in November reported being victims, according to a story Wednesday in The Boston Globe. And about 200 of the 8,000 people who attended the American Society of Human Genetics conference in October reported unauthorized credit card purchases.

"This is the first time we've had this kind of thing happen," Georges Benjamin, executive director of the American Public Health Association, told the Globe.

Victims said their credit card numbers were fraudulently used at a hearing aid company in North Carolina, at women's clothing stores in New York City, and in drugstores and big box retailers around the country to buy gift cards that can be resold for cash.

Edward McCabe, the chief medical officer for the March of Dimes, said his credit card was used for several unauthorized charges overseas after he attended the genetics conference.

The data breach did not come from the convention center itself, said Mac Daniel, a spokesman for the Massachusetts Convention Center Authority, the state agency that oversees the facility.

In fact, several employees were victimized as well, he said.

"After running internal checks and working with our customers, we found that no alleged theft occurred in any MCCA facility and appeared to occur at bars and restaurants across the city," Daniel told the Globe.

Still, the data breach comes at an inopportune time. The convention center in January is scheduled to host the annual meeting of convention planners — the professionals who advise associations and large groups where to hold their events.

Area hotels and restaurants also deny being the source of the breach, according to the newspaper.