XML 34 R22.htm IDEA: XBRL DOCUMENT

Note 16 - Cyber Event	12 Months Ended
Dec. 31, 2021
Notes to Financial Statements
Cyber Event [Text Block]	*Note 16.* Cyber Event** On December 25, 2021, the Company detected a ransomware attack that accessed and encrypted a small portion of its information technology systems. The unauthorized access included the download of non-payment processing related data files from an externally hosted Office 365 environment which is separate from the Company's payment processing environment. Throughout the incident, the Company remained operational. Promptly upon the detection of the event, the Company launched an investigation, notified law enforcement, its insurance carrier, and engaged legal counsel, computer forensic firms and other incident response professionals. The Company also implemented a series of containment and remediation measures to address this situation and reinforce the security of our information technology systems. This cyber event had no material impact on the business, and no cardholder, or payments related data was compromised. The Company has undertaken and continues to undertake certain system upgrades and re-platforming efforts designed to improve the security, availability, reliability, resiliency, and speed of its information technology systems in order to prevent and mitigate such events in the future.

Note 16 - Cyber Event

12 Months Ended

Dec. 31, 2021

Note 16. Cyber Event

On December 25, 2021, the Company detected a ransomware attack that accessed and encrypted a small portion of its information technology systems. The unauthorized access included the download of non-payment processing related data files from an externally hosted Office 365 environment which is separate from the Company's payment processing environment. Throughout the incident, the Company remained operational. Promptly upon the detection of the event, the Company launched an investigation, notified law enforcement, its insurance carrier, and engaged legal counsel, computer forensic firms and other incident response professionals. The Company also implemented a series of containment and remediation measures to address this situation and reinforce the security of our information technology systems.

This cyber event had no material impact on the business, and no cardholder, or payments related data was compromised. The Company has undertaken and continues to undertake certain system upgrades and re-platforming efforts designed to improve the security, availability, reliability, resiliency, and speed of its information technology systems in order to prevent and mitigate such events in the future.