IHG Guests at Risk for Payment Card Fraud

Photo by ipopba/iStock/Getty Images Plus/Getty Images

On December 28, 2016, IHG (InterContinental Hotels Group) announced it would be conducting an investigation after receiving a report of unauthorized charges that had occurred on some payment cards used a small number of its U.S. hotel properties. Findings of the ongoing investigation show that malware was installed on the servers that processed payment cards used at restaurants and bars of 12 IHG managed properties.

Upon receiving information of the first compromised card, IHG hired leading cyber security firms to examine the payment card processing systems for the hotels it manages within the Americas region.  As a result of the investigation, IHG is now providing notification to guests who used card payments at select restaurants and bars at 12 of the company’s managed properties during the time period of August 2016 – December 2016.

Affected locations include Crowne Plaza San Jose-Silicon Valley; Holiday Inn San Francisco Fisherman’s Wharf; InterContinental Los Angeles Century City; InterContinental Mark Hopkins; InterContinental Buckhead Atlanta; InterContinental Chicago Magnificent Mile; InterContinental The Willard; Holiday Inn Resort – Aruba; InterContinental Toronto Yorkville; InterContinental San Juan Resort & Casino; and Holiday Inn Nashville Airport.

Virtual Event

Pivoting Back to Travel | The Destination Weddings & Honeymoons Edition

2020 put the nuptial plans of thousands upon thousands of couples on hold, but with the promise of widespread vaccine distribution in the near future, it’s time to get back to planning and ensure your clients live out the destination weddings & honeymoons of their dreams. Hear from top suppliers and destinations on wedding venue & ceremony options, romantic destinations & resorts and more when you watch the event on-demand.

Cards used at the front desks of these properties were not affected. The malware searched for track data (including cardholder names, card numbers, expiration dates and internal verification codes) read from the magnetic stripe of a payment card as it was being routed through the affected server.

IHG has a list of the affected restaurants and bars, along with specific time frames for each property, located on its website. The site also has more information on how guests can better protect their information during travel.

Since the launch of the investigation, IHG has announced that it’s been working with the security firms to review its security measures, as well as confirm that the issue has been remediated and evaluate ways to enhance IHG’s security measures. The group has notified law enforcement and is working with the payment card networks so that the banks that issue payment cards can be made aware and initiate higher monitoring on the affected cards. 

IHG has also established a dedicated call center to answer any questions affected guests may have.

Visit www.ihg.com/protectingourguests