Nearly 1,200 InterContinental hotels hit in data breach

Nearly 1,200 InterContinental hotels hit in data breach

The data breach, which led to the theft of guests’ credit card information who stayed at hotels under the InterContinental Hotel Group, was much bigger than previously announced earlier, with almost 1,200 hotels affected.

“The investigation identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016,” said InterContinental Hotel Group in a statement.

The company operates more than 5,000 hotels across 100 countries. Those hotels breached included household names such as InterContinental, Holiday Inn, Crown Plaza and Hotel Indigo chains.

Credit card stealing #malware: 1200 #InterContinental hotels breached | https://t.co/IBVn24nPYg#Security#Hacking#Hotels#Breachpic.twitter.com/RaAQfJ4O7K

— HackRead (@HackRead) April 20, 2017

The breach was discovered after hotel guests reported unauthorized fraudulent charges on cards previously used at a number of US hotels owed by IHG.

The hotel group said malware searched for track data – cardholder name, card number, expiration date and internal verification code - and read from the magnetic stripe of a payment card as it was being routed through the affected hotel server.

The malware did now show signs of activity after December 29 but it was not eradicated from cash registers until March 2017.

The company noted there was no indication other guest information was affected.
Card-stealing cyber thieves have broken into some of the largest hotel chains over the past few years, according to Krebs On Security.

Krebs: InterContinental Hotel Chain Breach Expands: In December 2016, KrebsOnSecurity broke the news that fraud… https://t.co/1Zzo0NIFkFpic.twitter.com/7HrUaawJHn

— SecurityGopher (@SecurityGopher) April 19, 2017

Hotel brands that have acknowledged card breaches over the last year include Kimpton Hotels, Trump Hotels (twice), Hilton, Mandarin Oriental, and White Lodging (twice). Card breaches also have hit hospitality chains Starwood Hotels and Hyatt.

In many of these breaches, thieves plant malicious software on point-of-sale devices via a hacked remote administration tool. Once the attackers have their malware loaded they remotely capture data from each card swiped at the cash register.

New York data breaches hit all-time high as 1.6mn users’ records exposed https://t.co/OCyuN18sCOpic.twitter.com/ZhQwQCsE4r

— RT America (@RT_America) March 21, 2017

Thieves can then sell that data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to purchase high-priced electronics and gift cards from big-box stores like Target and Best Buy.



Add Comment

all comments

  Other news

more
Exclusive: Neighbours actress Eve Morey announces the SEX of her baby just hours after revealing shock pregnancy news live on Channel 5 show The Wright Stuff

Exclusive: Neighbours actress Eve Morey announces the SEX of her baby just hours after..

27-Jun, 18:12

Neighbours actress Eve Morey has revealed the news that she is expecting...

EastEnders star Jacqueline Jossa reveals horror of 'nightmare' strippers during Ibiza hen do ahead of wedding to Dan Osborne: 'I’d call the police, I don't think it should be legal' – Exclusive

EastEnders star Jacqueline Jossa reveals horror of 'nightmare' strippers during Ibiza hen do..

27-Jun, 08:00

The EastEnders actress was joined by her closest friends and family for...

Sir Philip sold BHS to dodge pension cost, says regulator

Sir Philip sold BHS to dodge pension cost, says regulator..

27-Jun, 19:36

The controversial businessman Sir Philip Green sold the BHS business to...

Lake harvests are likely more fruitful than we knew

Lake harvests are likely more fruitful than we knew..

27-Jun, 14:48

Harvests from freshwater fisheries such as the Great Lakes could total...

Trump blames Dems for confirmation delays, but red tape is culprit

Trump blames Dems for confirmation delays, but red tape is culprit..

03-Mar, 17:14

In a tweet early this morning, President Trump accused Democrats of...

Turkey detains 412 suspected Kurdish militants

Turkey detains 412 suspected Kurdish militants..

13-Apr, 03:34

Turkey's Interior Ministry says police have detained 412 suspected...

Trumps attend Steve Mnuchin's wedding, officiated by Mike Pence

Trumps attend Steve Mnuchin's wedding, officiated by Mike Pence..

25-Jun, 04:27

President Donald Trump, first lady Melania Trump and several Cabinet...

No, Obama isn't planning a coup against President Trump

No, Obama isn't planning a coup against President Trump..

22-Feb, 16:28

A fake news story making the rounds on Facebook claims in the headline...