Nearly 1,200 InterContinental hotels hit in data breach

Nearly 1,200 InterContinental hotels hit in data breach

The data breach, which led to the theft of guests’ credit card information who stayed at hotels under the InterContinental Hotel Group, was much bigger than previously announced earlier, with almost 1,200 hotels affected.

“The investigation identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016,” said InterContinental Hotel Group in a statement.

The company operates more than 5,000 hotels across 100 countries. Those hotels breached included household names such as InterContinental, Holiday Inn, Crown Plaza and Hotel Indigo chains.

Credit card stealing #malware: 1200 #InterContinental hotels breached | https://t.co/IBVn24nPYg#Security#Hacking#Hotels#Breachpic.twitter.com/RaAQfJ4O7K

— HackRead (@HackRead) April 20, 2017

The breach was discovered after hotel guests reported unauthorized fraudulent charges on cards previously used at a number of US hotels owed by IHG.

The hotel group said malware searched for track data – cardholder name, card number, expiration date and internal verification code - and read from the magnetic stripe of a payment card as it was being routed through the affected hotel server.

The malware did now show signs of activity after December 29 but it was not eradicated from cash registers until March 2017.

The company noted there was no indication other guest information was affected.
Card-stealing cyber thieves have broken into some of the largest hotel chains over the past few years, according to Krebs On Security.

Krebs: InterContinental Hotel Chain Breach Expands: In December 2016, KrebsOnSecurity broke the news that fraud… https://t.co/1Zzo0NIFkFpic.twitter.com/7HrUaawJHn

— SecurityGopher (@SecurityGopher) April 19, 2017

Hotel brands that have acknowledged card breaches over the last year include Kimpton Hotels, Trump Hotels (twice), Hilton, Mandarin Oriental, and White Lodging (twice). Card breaches also have hit hospitality chains Starwood Hotels and Hyatt.

In many of these breaches, thieves plant malicious software on point-of-sale devices via a hacked remote administration tool. Once the attackers have their malware loaded they remotely capture data from each card swiped at the cash register.

New York data breaches hit all-time high as 1.6mn users’ records exposed https://t.co/OCyuN18sCOpic.twitter.com/ZhQwQCsE4r

— RT America (@RT_America) March 21, 2017

Thieves can then sell that data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to purchase high-priced electronics and gift cards from big-box stores like Target and Best Buy.



Add Comment

all comments

  Other news

more
Political therapy

Political therapy..

26-Apr, 00:24

First stop was the House of Commons, for a tour with veteran Conservative...

Trump tax plan slashes taxes for ‘some’ businesses and wealthy estates

Trump tax plan slashes taxes for ‘some’ businesses and wealthy estates..

26-Apr, 16:40

The White House is proposing comprehensive tax reforms which are said to...

Ferne McCann opens up about ‘real man’ ex boyfriend Arthur Collins as she praises him for ‘putting me in my place’ WEEKS before confirming she is pregnant with his child

Ferne McCann opens up about ‘real man’ ex boyfriend Arthur Collins as she praises him..

26-Apr, 16:17

And now the star’s feelings for her former beau have been revealed in an...

..

26-Apr, 07:10

Jessica Biel has opened up about the importance of family life "You have...

Lego sees record revenue as demand grows globally

Lego sees record revenue as demand grows globally..

09-Mar, 05:17

Danish toy maker Lego says its famous colored toy blocks were in high...

US cancer deaths are decreasing, study finds

US cancer deaths are decreasing, study finds..

31-Mar, 17:37

More people are surviving the most common forms of cancer as cancer...

New Zealand judge upholds Kim Dotcom extradition ruling

New Zealand judge upholds Kim Dotcom extradition ruling..

20-Feb, 00:45

A New Zealand judge on Monday upheld an earlier court ruling that...

Yeo Yoo Man Man Episode 3322

Yeo Yoo Man Man Episode 3322..

17-Feb, 22:53

The following Yeo Yoo Man Man Episode 3322 English Sub has been released....