InterContinental Hotels Group announced today that its hotel chain has been hit by malware resulting in a massive data breach. The hotel chain was infected by malware in its payments systems. The malware was designed to collect guest’s credit card data including name, card numbers, expiration dates and security codes. According to a hotel spokesperson, “Approximately 1,200 IHG-branded franchise hotel locations in the Americas were affected.”
According to KrebsOnSecurity.com the number may even be higher. The website originally reported the data breach in December. Krebs reports that IHG has not yet inspected all its properties some of which are franchises. IHG has been reaching out to franchised properties asking them participate in the investigation.
The data breach began in September 2016 and continued through to the end of December of last year. According to IHG there is no indication the malware was active after December 29th. However, it cannot verify that all the malware was removed until March.
To add insult to injury the hotel chain does not know how many customer were affected nor is it offering any help to those customers. The company is only saying that guests should “remain vigilant to the possibility of fraud” and urged customers to review their card statements.
In an email to TheVerge.com IHG stated that its investigation was ongoing and a “small percentage” of franchises haven’t participated. IHG says it has 3,925 hotels in the Americas. IHG owns the following hotel chains in the U.S.
- Candlewood Suites
- Staybridge Suites
- Holiday Inn Club Vacations
- Holiday Inn Resort
- Holiday Inn Express
- Holiday Inn
- Even Hotels
- Hotel Indigo
- Kimpton Hotels
- Crowne Plaza Hotels
- InterContinental Hotels & Resort
If you have stayed in any of these hotels since September of last year there is a website where you can check to see if that hotel was affected. IHG plans to add additional locations to the list when its investigation is completed.