Published: Sat, April 22, 2017
Money | By Oscar Reynolds

IHG reveals hotels potentially affected by data breach

IHG reveals hotels potentially affected by data breach

The hotel group, which operates Holiday Inn, Kimpton, and several other brands, has now released details on the broader scope of the security breach.

IHG said it was made aware of the hack after payment card networks identified patterns of unauthorized charges following legitimate use at locations of the hotel chain.

The hotelier said that many of its locations were unaffected because they had installed a security mechanism called Secure Payment Solution that blocked the spyware from reading off sensitive card data - however, many hotels hadn't gotten the system up and running in time.

IHG said in a statement on its website that it found signs of malware created to access credit card data from cards used onsite at front desks in certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016.

IHG has now published an updated list of affected locations, which span 49 states, plus Washington D.C., and Puerto Rico.

"All three properties will draw synergies from IHG hotels located nearby and will reinforce our position in South West Asia".

The company noted there was no indication other guest information was affected.

Yesterday, a government report revealed that almost half (46%) of British businesses had discovered at least one cybersecurity breach or attack in the past year, with the rate rising to two-thirds among medium and large companies.

IHG has warned that gusts of its hotels may have had their money stolen as a effect of the malware attack, given that the information stolen could have included card numbers, verification codes and expiration dates; essentially all the information needed to authorise a payment.

It is unclear exactly how many IHG customers were affected by the data breach.

IHG acknowledged that the breaches were active through at least December 29, 2016, though there's no certainty that the malware was eliminated until the breach was investigated in February and March of this year.

InterContinental Hotels Group PLC (LON:IHG)'s stock had its "outperform" rating reissued by research analysts at Credit Suisse Group AG in a research report issued on Monday. Some hotels stopped the malware from working before December 29, 2016.

Customers who may have been affected by the breach are advised to keep a close eye on their credit card transactions in order to catch any potentially suspicious activity.

Like this: