InterContinental Hotel Group (IHG), parent company of Crowne Plaza and Holiday Inn, announced its full list of properties impacted by the credit card breach last year. According to IHG, between August 2016 and December 2016 malware was found on its servers used to process credit cards. For a full list of IHG’s impacted properties click here.
According to IHG’s report, “Findings show that malware was installed on servers that processed payment cards used at restaurants and bars of 12 IHG managed properties. Cards used at the front desk of these properties were not affected.”
The report goes on to say the malware searched for track data, including: cardholder name, card number, expiration date, and internal verification code, which was taken from the magnetic stripe of the card as it was being transmitted through the affected server.
Malware has been the source of most of the credit card breaches in recent years. It is usually installed by hacked remote administration tools, according to KerbsOnSecurity. Once the malware is installed onto the devices the attacker can remotely gather data from each card swiped on that device. The stolen data can then be embedded on any card with a magnetic stripe and used for purchases.
IHG has been working with security firms to review their current security policies, confirm that the affected servers have been remediated and evaluate how to enhance their security.“We have also notified law enforcement and are working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards,” Says IHG.
The investigation is ongoing and no one knows the actual scope of this breach.
If you were a patron at any of the affected areas during August 2016 to December 2016, please watch your credit card statements carefully and report any fraudulent charges to your credit card company immediately.