Intercontinental hotels group (IHG) has announced that 1,175 US franchises have been struck by a payment card data breach. This malware attack means that guests money could have been stolen as a consequence.
The company whose brands include Holiday Inn, Holiday Inn Express and Crowne Plaza had just under 1,200 properties affected. Thieves gained access to card numbers, expiration dates and verification codes of cards used at front desks. The breach took place between 29th September and 29th December 2016.
Brian Krebs broke the news for Krebsonsecurity.com. He had this to say about how the hackers accessed this data.
“ In many of those incidents, thieves planted malicious software on the point-of-sale devices at restaurants and bars inside of the hotel chains. Point-of-sale based malware has driven most of the credit card breaches over the past two years and the malicious code usually is installed via hacked remote administration tools. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.
Thieves can then sell that data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to purchase high-priced electronics and gift cards from big-box stores like Target and Best Buy. “
Brian Krebs, Krebsonsecurity.com
If you would like to read more of this article you can find that here
IHG has been trying to have all franchised properties adopt “secure payment solution” (SPS). This would mean Guests card details will be more protected as data would be encrypted therefore reducing any risk of a data breach. Properties that used this solution prior to the initial attack were not affected.
A state-by-state search tool published is available for anyone to check if they are affected.