Hackers Breach Over 1,000 IHG Hotels To Steal Payment Card Details

InterContinental Hotels Group (IHG) has released data disclosing how malware was used to steal customer payment card details from around 1,200 of its franchised properties.

The group which owns the Holiday Inn and Crowne Plaza hotel brands found that malware had infected the cash registers at a number of its hotels worldwide, and siphoned off information read on the magnetic strips of payment cards as it was routed through the servers of the hotels.

The malware was originally discovered to have affected the front-desks payment systems of the group’s hotels between September and December 2016, but until now IHG has not realised the extent of the attack.

“The investigation identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016.

Although there is no evidence of unauthorised access to payment card data after December 29, 2016, confirmation that the malware was eradicated did not occur until the properties were investigated in February and March 2017,” the company said.

Hotel hack

IHG has warned that gusts of its hotels may have had their money stolen as a consequence of the malware attack, given that the information stolen could have included card numbers, verification codes and expiration dates; essentially all the information needed to authorise a payment.

As such IHG is advising its previous customers to be vigilant of fraud on their cards and accounts.

To tackle the security problem, IHG is offering all its franchises a free security inspection carried out by an external forensics team, however they need to be proactive in taking up IHG’s offer.

The ramifications of the malware infection was mitigated a little with group’s roll out of an encrypted payment acceptance system.

“Before this incident began, many IHG-branded franchise hotel locations had implemented IHG’s Secure Payment Solution (SPS), a point-to-point encryption payment acceptance solution,” the group said.

“Properties that had implemented SPS before September 29, 2016 were not affected.  Many more properties implemented SPS after September 29, 2016, and the implementation of SPS ended the ability of the malware to find payment card data and, therefore, cards used at these locations after SPS implementation were not affected.”

IHG has also created a tool for people to look up whether they stayed at an infected hotel during the three month period last year.

Hotels present attractive targets for cyber criminals given the wealth of data that passes through them, in one case resulting in a ransomware attack against a hotels electronic locking system.

Quiz: Are you a security pro?

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

20 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

21 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

21 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

22 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

22 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

23 hours ago