InterContinental Hotels Group (IHG) is a large hospitality company with over 4500 hotels in 100 countries. In December of last year the group launched an investigation after reports of unauthorized charges occurring from payment cards that were used in multiple U.S. hotels.
Hackers were able to infect the company’s servers processing card payments with malware. The software scraped cardholder names, card numbers, expiration dates and internal verification codes from the server. The scope of those affected in the hack is currently unknown.
Per the report, “IHG has been working with the security firms to review IHG’s security measures, confirm that this issue has been remediated, and evaluate ways to enhance IHG’s security measures. IHG has notified law enforcement and is working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards.“ 12 hotels in the United States were affected by the security breach.
Thankfully, the malware was only installed on servers that operated the restaurants and bars, therefore the front desk payment processing was not affected. Due to the massive extent of the breach, InterContinental Hotels Group has dedicated an entire call center to answer guest’s questions regarding the intrusion. Below is the full list of affected locations.