The news comes from San Francisco, where a number of hotels coming under the chain of InterContinental Hotels have reported a malware attack on their front desk systems. It was reported that personal info has been stolen from customer credit and debit cards without their knowledge.
The event took place between a span of 3 months. It started on 29th Sep, 2016 and the last case of such category was reported on 29th Dec, 2016. Initially, the official statement by Intercontinental hotels only claimed the stolen info to be of a dozen customers. However, the list has been expanded since then.
The event was first covered by an online web security forum called KrebsOnSecurity. The hotel owners have not yet given a complete list of properties that were affected by the breach, they offered a lookup page from different states instead. IHG shares in the stock market came down by 0.1% due to this. The brands of Intercontinental hotels that were affected included The Crown Plaza, Holiday Inn and Hotel Indigo, according to an official statement.
The corresponding officials have only indicated the effects of these breaches to be over hotels located in the U.S and some from Puerto Rico, but more investigations are being carried out all across the country to find out more irregularities of similar sorts, stated Intercontinental Hotel’s communication director for the region.
According to him, around 1200 hotels coming under the Intercontinental umbrella got affected. The total number of hotels the company owns all around the world is 5000, and that is located in 100 different countries.
The virus or malware gathered personal information through the magnetic stripes of all payment cards. It collected the info while it was travelling towards the hotel’s server. The info included card number, validity info and other verification codes as well. That sums up the list of stolen information given by the hotel official.
The company addressed all its customers that had a stay in their hotels during the span of those 3 months and advised them to go through their payment card statements and report any credit card info stolen to the company.
“Plus card info is shared with the hotel before the guest even arrives through the booking process. All of this gives cybercriminals multiple opportunities and points of entry for the hacks,” said the official.