InterContinental Hotels hit by PoS malware attack

InterContinental Hotels hit by PoS malware attack

The InterContinental Hotels Group (IHG) has admitted that malware was found on systems used to process credit cards at bars and restaurants at 12 of its hotels in North America and the Caribbean.

Although the firm, which is the parent company of Holiday Inn, Crowne Plaza and Kimpton Hotels, did not say how many cards are affected, it confirmed on Friday that the malicious code had been found on some servers.

It had previously reported on December 28th that it was investigating after receiving reports of unauthorised charges to payment cards that were used at “a small number of US hotel properties”.

“Based on the investigation, IHG is providing notification to guests who used their payment card at restaurants and bars of 12 company-managed properties during the time periods from August 2016 to December 2016 identified below,” it said in a statement along with a list of affected locations, adding that an investigation of other American properties is ongoing.

“Findings show that malware was installed on servers that processed payment cards used at restaurants and bars of 12 IHG-managed properties.  Cards used at the front desk of these properties were not affected.

“The malware searched for track data (cardholder name, card number, expiration date and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the affected server.”

IHG advised customers to monitor their bank accounts for unusual activity and contact the authorities if they believe they have been affected. It added it was working with cyber security experts to bolster its security.

Point of sale malware has hit the headlines multiple times in recent years – perhaps most notably in the case of the 2014 Target breach – as it has been utilised by cyber criminals to steal consumers’ financial information.

Copyright Lyonsdown Limited 2021

Top Articles

Colorado Passes Consumer-Data Privacy Bill

A data privacy bill has been passed in Colorado that gives residents the right to delete any personal data collected by companies, and to stop companies from collecting their data…

Virtual Currency

A virtual currency, unlike conventional currencies, is a currency not issued by any bank. Some examples include Bitcoin, Litecoin, etc. Generally, digital currencies are stored in and traded through software,…

Carnival Cruises hit by fourth data breach in 18 months

Carnival Cruises, one of the world’s largest cruise ship operators, has confirmed that it suffered another data breach in mid-March.

Related Articles

[s2Member-Login login_redirect=”” /]