Intercontinental Hotels Data Breach Announces The Truth. Warns clients that ransomware compromised point-of-sale machines and stolen payment card details for four months.
In its hotel restaurants and bars throughout North America and the Caribbean, the InterContinental Hotels Company warns clients. Consequently, that ransomware compromised point-of-sale machines and stole payment card details for four months. Furthermore, the places affected include Michael Jordan’s Steak House & Bar in Chicago. Besides, Toronto’s Sky Lounge, Los Angeles’ Copper Lounge, and Aruba’s Palm Bar.
IHG runs 5,000 hotels, including Crowne Plaza, Intercontinental, Kimpton, and Holiday Inn. However, in almost 100 cities in the United Kingdom.
In the case of an alleged payment card violation at some of US assets, IHG warned on 28 December 2016. On February 3, IHG announced that someone has hacked its hotel restaurants and bars. Further, warning consumers that payment card records were questionable.
12 IHG branches
“Results indicate that ransomware was on servers that processed payment cards used at restaurants and bars of 12 IHG branches located,” IHG says from an infringement site. “It did not affect the Cards accepted at the front desk. Moreover, the ransomware checked for log keystrokes. For instance, cardholder name, card number, expiration date, and internal verification code. Besides, it read from the magnetic stripe of a payment card as it was being routed through the affected server.” The malware did not affect the cards in use at the front desk.
The cycles of infection varied, but most started on 1 August 2016 and finished by 15 Dec 2016, says the firm.
Statement straight from IHG
“We have been working with the security firms to review our security measures, confirm that reviews and tests are undergoing ways to enhance our security measures,” says IHG. “We also notified law enforcement and are working with the payment card networks. So they can make the banks that issue payment cards aware and start heightened monitoring on the affected cards.”
IHG said on 28 Dec. 2016, “after receiving a report of unauthorized charges occurring on some payment cards they used at some U.S. hotel properties,” it opened its inquiry and engaged cybersecurity companies to review them from outside the nation.
Further, IHG refused to comment about the exact entities used. Or the ransomware it compromised, whether it is operating servers or outsourced to a third party. Moreover, it has affected how many details of the payment card.
Security blogger Brian Krebs, who said some of the IHG properties – particularly Holiday Inn and Holiday Inn Express locations – seemed to have encountered unusual levels of fraud, first posted news of this alleged breach on December 28, 2016.
Caution: 12 Breached places
In compliance with the IHG notice of violations, there are five restaurants and bars in California where the violation occurred:
San Jose-Silicon Valley Crowne Plaza;
Fisherman’s Wharf Holiday Inn San Francisco;
Los Angeles Century City InterContinental;
Hopkins Intercontinental Mark;
San Francisco InterContinental.
Seven other areas have influenced restaurants and bars:
Nashville Airport Holiday Inn;
The Netherlands Caribbean Island, Holiday Inn Resort – Aruba;
Buckhead Atlanta InterContinental;
Magnificent Mile of InterContinental Chicago;
San Juan Resort & Casino in Puerto Rico; InterContinental;
The Willard in Washington InterContinental;
Toronto, Yorkville, InterContinental.