The Intercontinental Hotel Group, the operator of hotel chains like the Holiday Inn and the Intercontinental, has admitted to discovering malware that compromised point-of-sale equipment used at the front desks of its hotel properties.
While no numbers were specified, the announcement linked readers to a tool where one could look up the hotels affected. Prominent security researcher Brian Krebs has since revealed on his blog that up to 1,175 hotels, over 20% of the group's 5,000 worldwide hotels, were compromised.
A forensic investigation identified signs that the malware was used to access payment card data from front desks at hotel locations between September 29 and December 29 last year.
“Although there is no evidence of unauthorized access to payment card data after December 29, 2016, confirmation that the malware was eradicated did not occur until the properties were investigated in February and March 2017,” the announcement read.
The malware sought to acquire card data from compromised hotel servers, including the cardholder's name, the card number, the expiration date and the internal verification code stored in the magnetic stripe of a payment card.
The data breach incident came to light last year when it was originally thought that a handful of Holiday Inns (a dozen properties) were affected. The hotel group’s announcement this week confirms that the breach was far more widespread than initially thought.
Meanwhile, the affected properties identified so far are all based in the United States and Puerto Rico. A USA Today report has revealed that the company is still investigating other properties, which could yet reveal more compromised hotel locations around the world. The operator is updating its list of targeted and compromised hotel locations in the lookup tool linked from its announcement.
The hotel group is also urging anyone who stayed at one of its properties during that period to review their card statements for any irregular or unauthorized activity.