Malware planted at the front desk of more than 1,200 franchise hotel locations last year may have been capturing your card info as you checked in or out.
InterContinental Hotels Group reveals extent of breach
At the end of 2016, InterContinental Hotels Group (IHG) received word of a troubling new trend from its payment processors: Credit and debit cards that were processed to pay for legitimate hotel stays were being flagged in the days after the transaction for repeated unauthorized charges.
IHG hired a leading cyber security firm to investigate and soon discovered that malware was secretly installed on payment processing equipment at the front desk of certain franchise hotel locations between September 29, 2016 and December 29, 2016.
Unfortunately, the damage wasn’t limited to last year. The malware may still have been active in the early weeks of 2017, though IHG can confirm it was fully eradicated from its system by March 2017.
Criminals were capturing card numbers, expiration dates, verification codes and even cardholder names via the malware. Then they were using that stolen info to make purchases online.
IHG operates 10 brands, but it hasn’t disclosed which of them were involved in the hack. But a spokesman did confirm that 1,200 independently owned and operated locations were impacted.
The following hotel brands operate under the IHG banner:
- Candlewood Suites
- Crowne Plaza
- Holiday Inn Hotels & Resorts
- Holiday Inn Club Vacations
- Holiday Inn Express
- Hotel Indigo
- Staybridge Suites
- Even Hotels
- Kimpton Hotels & Restaurants
If you stayed at any of these hotels recently, IHG has an online look-up tool that lets you see if the individual location you were at was among those breached.
What to do next
If you believe your card was breached in the IHG hack, here’s what you should do next.
1. Review your credit card statements. You need to go through your credit card and debit card statements this month and next month with a fine tooth comb. Identify any bogus charges the crooks may have pushed through and dispute them immediately with your bank or credit card company.
2. Beware of a reload scam. Anyone calling or emailing you trying to impersonate an IHG representative is suspect at this time. They may ask you to click a link in an email or verbally confirm additional personal information over the phone. Don’t do it! Hang up the phone or close out the email. Then call IHG back to verify the legitimacy of the request.
3. Consider a credit freeze. A credit freeze will limit the ability of criminals who may have your info to open new lines of credit in your name. It has no impact on your ability to use your existing lines of credit. See our guide on freezing your credit.
Read more: How to prevent, report and repair ID theft