IHG franchises in its Americas region were hit with a point-of-sale malware breach, affecting 1,200 hotels ranging from its Crowne Plaza to Holiday Inn Express.
InterContinental Hotels Group franchisees were hit with malware on their point-of-sale systems (POS), which allowed cyberthieves to make off with credit cardholder names, card numbers, expiration dates and back-of-the-card security numbers at 1,200 IHG locations in the Americas.
The breach occurred from Sept. 29 to Dec. 29 at IHG franchises, ranging from the Crowne Plaza to its Holiday Inn Express, IHG announced late last week. And although it did not list the scope of the breach, Data Breach Today reported 1,200 locations were affected.
IHG became aware of the breach after its franchisees began getting notices from payment card networks that their customers were incurring unauthorized charges after having used their credit cards at IHG hotels. IHG's investigation found malware on POS systems was capturing credit card information used at the front desk of a number of its franchisees' hotels.
According to IHG, hotels that loaded its point-to-point encryption payment acceptance solution, Secure Payment Solution (SPS), prior to Sept. 29 were not affected by the malware and those that did so after that date found, once it was installed, the malware could not pilfer the information on the card.
Read more about IHG's breach here.
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024