The Intercontinental Hotels Group (IHG) thought only a handful of Holiday Inns were affected by a data breach that happened last year, but it turned out to be a much bigger deal. In a statement posted on its website, IHG has admitted that it found signs of malware designed to access credit card data used at front desks in a lot more locations. It didn't mention a specific number, but it linked to a tool where you can look up which Holiday Inns, Intercontinentals and Crowne Plazas were affected. A Krebs on Security reader did some digging, though, and found 1,175 properties in IHG's tool. That's a sizeable chunk of the 5,000 hotels it has worldwide.
According to the hotel chain's investigation, the malware was active from September 29th to December 29th, 2016. Since it was designed to pilfer info from a card's magnetic stripe, the company believes it could have stolen guests' CC numbers, expiration dates and verification codes. The malware showed no signs of activity after December 29th, but IHG wasn't able to remove it from cash registers until around March 2017.
Based on IHG's tool, only hotels in the US and Puerto Rico were affected, but a spokesperson told USA Today that the company still isn't done investigating its other properties. The chain could very well update the tool later with even more locations in other parts of the globe. Those who stayed in any IHG-owned property late last year may want to keep a close eye on their credit card transactions.
InterContinental Hotel Group breach explodes, from 12 hotels (lots of Holiday Inn's) to more than 1,000 https://t.co/FBFW5ZNVFB— briankrebs (@briankrebs) April 19, 2017