Hershey Entertainment & Resorts Company Company CyberSecurity Posture
hersheyentertainmentandresorts.com
Learn more about Hershey Entertainment & Resorts, including our Core Purpose, history, and breadth of properties with our new video - https://www.youtube.com/watch?v=Rm07tDRWPBY. Human Resources Support Center at 27 West Chocolate Ave, Hershey Press Building. For assistance, call 717-534-3178. Welcome to Hershey Entertainment & Resorts Company (HE&R), an award-winning entertainment & hospitality organization with properties including: Hersheypark, The Hotel Hershey, Hershey Bears American Hockey League team, Hershey Lodge, and numerous restaurants. HE&R is a sought-after employer where our team members have fun, are welcomed for their differences and get to work in historic settings with the smell of chocolate in the air. Our team-focused and service-oriented culture is paramount to our success. We are a community-minded, family-focused organization that strives to deliver memorable experiences to guests and employees alike. With a robust Training & Development program, welcoming environment for all team members, enviable perks and 'sweet' working environments, we invite you to visit www.HersheyJobs.com to apply for a position with us! HE&R is a privately held company founded in 1927 when our founder, Milton S. Hershey, separated his chocolate manufacturing operations from his other businesses. Our nearly 1,750 full-time and more than 7,000 seasonal/part-time employees share a common goal of upholding the legacy of our founder while striving to live by our company's Core Values: Devoted to the Legacy, Selfless Spirit of Service, Team Focused, and Respectful of Others. OUR CORE PURPOSE: Hershey Entertainment & Resorts Company is proud to help fulfill the dream of our founder, Milton S. Hershey, by providing value to Milton Hershey School® in its mission of helping students lead happy, healthy, and fulfilling lives - just as Mr. Hershey wanted. Learn more at www.MHSKids.org.
Company Details
hershey-entertainment-&-resorts
2,117
38,817
7211
hersheyentertainmentandresorts.com
2
HER_3192708
Completed
HERC Risk Score (AI oriented)Between 750 and 799
HERC Global Score (TPRM)XXXX
Description: Hershey Park, a popular resort and amusement park in Hershey suffered a data breach incident back in 2015. The incident was noticed after some of the people that visited Harshey Park reported a pattern of fraudulent activity on their payment cards. The park engaged an external computer security firm to assist and investigate the incident.
No incidents recorded for Hershey Entertainment & Resorts Company in 2025.
No incidents recorded for Hershey Entertainment & Resorts Company in 2025.
No incidents recorded for Hershey Entertainment & Resorts Company in 2025.
HERC cyber incidents detection timeline including parent company and subsidiaries
Learn more about Hershey Entertainment & Resorts, including our Core Purpose, history, and breadth of properties with our new video - https://www.youtube.com/watch?v=Rm07tDRWPBY. Human Resources Support Center at 27 West Chocolate Ave, Hershey Press Building. For assistance, call 717-534-3178. Welcome to Hershey Entertainment & Resorts Company (HE&R), an award-winning entertainment & hospitality organization with properties including: Hersheypark, The Hotel Hershey, Hershey Bears American Hockey League team, Hershey Lodge, and numerous restaurants. HE&R is a sought-after employer where our team members have fun, are welcomed for their differences and get to work in historic settings with the smell of chocolate in the air. Our team-focused and service-oriented culture is paramount to our success. We are a community-minded, family-focused organization that strives to deliver memorable experiences to guests and employees alike. With a robust Training & Development program, welcoming environment for all team members, enviable perks and 'sweet' working environments, we invite you to visit www.HersheyJobs.com to apply for a position with us! HE&R is a privately held company founded in 1927 when our founder, Milton S. Hershey, separated his chocolate manufacturing operations from his other businesses. Our nearly 1,750 full-time and more than 7,000 seasonal/part-time employees share a common goal of upholding the legacy of our founder while striving to live by our company's Core Values: Devoted to the Legacy, Selfless Spirit of Service, Team Focused, and Respectful of Others. OUR CORE PURPOSE: Hershey Entertainment & Resorts Company is proud to help fulfill the dream of our founder, Milton S. Hershey, by providing value to Milton Hershey School® in its mission of helping students lead happy, healthy, and fulfilling lives - just as Mr. Hershey wanted. Learn more at www.MHSKids.org.
We’re adventure seekers. Smile givers. Impact makers. We believe in the power of travel. It broadens horizons for our customers, and for our people too. New places to live, new roles to explore, new communities to join. It’s yours for the taking. We’re TUI, a leading global travel and leisure exp
Travel + Leisure Co., the world's leading vacation ownership and membership travel company, provides more than six million vacations to travelers every year. The company’s extensive Vacation Ownership portfolio includes trusted and iconic vacation club brands with a combined 270+ resorts worldwide,
Hyatt is guided by its purpose: to care for people so they can be their best. Hyatt’s portfolio includes 1,000+ hotel and all-inclusive properties in over 75 countries across 6 continents. Hyatt’s offerings include brands in the Timeless Collection, including Park Hyatt®, Grand Hyatt®, Hyatt Regency
Minor Hotels is a global hospitality leader with over 560 hotels and resorts across six continents, a diverse portfolio of F&B businesses and a selection of luxury transportation services. With over four decades of experience, we build stronger brands, foster lasting partnerships, and drive business
We’re the UK's biggest pub company, but that’s not all we are. We’re an incredible team bringing people together through our 4,500+ sites nationwide. Formed in 2010 with 333 pubs, Stonegate Group has grown bigger and better than ever, and today we’re home to well-loved sites such as Slug &
Headquartered in Hong Kong SAR, the Shangri-La Group has grown from a single hotel business to a diverse and integrated global portfolio comprising quality real estate and investment properties, wellness and lifestyle facilities. Today, the Group owns, operates and manages 100+ hotels under our fami
Radisson Hotel Group is an international hotel group, operating in EMEA and APAC with over 1,320 hotels in operation and under development in +95 countries. The international hotel group is rapidly expanding with a plan to significantly grow the portfolio. The Group’s overarching brand promise is Ev
Founded in Germany in 1897, Kempinski Hotels has long reflected the finest traditions of European hospitality. Today, as ever, Kempinski is synonymous with distinctive luxury. Located in many of the world's most well-known cities and resorts, the Kempinski collection includes hotels in a grand mann
The resorts and casinos of MGM Resorts International™ are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with pot
.png)
Grammy Award-nominated Christian music artist Forrest Frank is coming to Hershey. The singer's 29-stop “The Jesus Generation Tour” includes...
HERSHEY, Pa. (WHTM)– GRAMMY-nominated artist Forrest Frank will perform in Hershey in 2026. According to Hershey Entertainment, Forest Frank...
The season of gift-giving is here! In our minds, there is no sweeter present for a loved one (or yourself) than giving the gift of an...
Christmas in Hershey, Pa., is marked by millions of lights, family-friendly attractions and holiday coaster rides, cozy resort nights by the...
The town built on chocolate is bustling with activities to get into the holiday spirit over Thanksgiving week. From coaster rides and light...
Hershey Sweet Lights presented by PPL Electric Utilities is now open nightly through Jan. 4, 2026. For more than 20 years, the two-mile,...
It's a tell-tale sign that the most wonderful time of the year is here when Santa and all nine of his reindeer have arrived at Hersheypark...
Canadian rock group Three Days Grace will perform at the Giant Center this spring. Three Days Grace is known for hits such as “I Hate...
Hersheypark amusement park is open for an extra weekend of Hersheypark Happy between seasons on Nov. 8-9, 2025, from 12-8 p.m. It's not...
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Hershey Entertainment & Resorts Company is http://www.HersheyEntertainmentandResorts.com.
According to Rankiteo, Hershey Entertainment & Resorts Company’s AI-generated cybersecurity score is 776, reflecting their Fair security posture.
According to Rankiteo, Hershey Entertainment & Resorts Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Hershey Entertainment & Resorts Company is not certified under SOC 2 Type 1.
According to Rankiteo, Hershey Entertainment & Resorts Company does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Hershey Entertainment & Resorts Company is not listed as GDPR compliant.
According to Rankiteo, Hershey Entertainment & Resorts Company does not currently maintain PCI DSS compliance.
According to Rankiteo, Hershey Entertainment & Resorts Company is not compliant with HIPAA regulations.
According to Rankiteo,Hershey Entertainment & Resorts Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Hershey Entertainment & Resorts Company operates primarily in the Hospitality industry.
Hershey Entertainment & Resorts Company employs approximately 2,117 people worldwide.
Hershey Entertainment & Resorts Company presently has no subsidiaries across any sectors.
Hershey Entertainment & Resorts Company’s official LinkedIn profile has approximately 38,817 followers.
Hershey Entertainment & Resorts Company is classified under the NAICS code 7211, which corresponds to Traveler Accommodation.
No, Hershey Entertainment & Resorts Company does not have a profile on Crunchbase.
Yes, Hershey Entertainment & Resorts Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hershey-entertainment-&-resorts.
As of December 19, 2025, Rankiteo reports that Hershey Entertainment & Resorts Company has experienced 1 cybersecurity incidents.
Hershey Entertainment & Resorts Company has an estimated 13,847 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with external computer security firm..
Title: Hershey Park Data Breach
Description: Hershey Park, a popular resort and amusement park in Hershey, suffered a data breach incident back in 2015. The incident was noticed after some of the people that visited Hershey Park reported a pattern of fraudulent activity on their payment cards. The park engaged an external computer security firm to assist and investigate the incident.
Type: Data Breach
Common Attack Types: The most common types of attacks the company has faced is Breach.
Data Compromised: Payment card information
Payment Information Risk: True
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Payment Card Information and .
Entity Name: Hershey Park
Entity Type: Resort and Amusement Park
Industry: Entertainment
Location: Hershey, PA, USA
Third Party Assistance: External Computer Security Firm.
Third-Party Assistance: The company involves third-party assistance in incident response through external computer security firm, .
Type of Data Compromised: Payment card information
Investigation Status: Investigated by external security firm
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as External Computer Security Firm, .
Most Significant Data Compromised: The most significant data compromised in an incident were payment card information and .
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was external computer security firm, .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was payment card information.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigated by external security firm.
.png)
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid