Cyber Crime

InterContinental Hotels investigating a possible card breach

The company InterContinental Hotels Group (IHG) confirmed an ongoing investigation of alleged card breach at some of its properties.

The notorious investigators Brian Krebs was informed of a possible security breach at the hotel company InterContinental Hotels Group (IHG). Krebs received the news of the alleged card breach by his sources in the financial industry. According to the experts, the pattern of fraudulent activities had been observed on credit and debit cards used at some IHG properties.

“Those sources said they were seeing a pattern of fraud on customer credit and debit cards that suggested a breach at some IHG properties — particularly Holiday Inn and Holiday Inn Express locations.” wrote Krebs.

“Asked about the fraud patterns reported by my sources, a spokesperson for IHG said the company had received similar reports, and that it has hired an outside security firm to help investigate.”

IHG has more than 5,000 hotels across the world, the group includes many brands such InterContinental, Holiday Inn, Crowne Plaza, Kimpton, Hualuxe, Indigo, and Even.

Representatives at the Group confirmed they had been aware of the fraud patterns and promptly started an investigation with the support of a security firm.

Below the statement issued by the IHG:

“IHG takes the protection of payment card data very seriously. We were made aware of a report of unauthorized charges occurring on some payment cards that were recently used at a small number of U.S.-based hotel locations.  We immediately launched an investigation, which includes retaining a leading computer security firm to provide us with additional support.  We continue to work with the payment card networks.”

“We are committed to swiftly resolving this matter. In the meantime, and in line with best practice, we recommend that individuals closely monitor their payment card account statements.  If there are unauthorized charges, individuals should immediately notify their bank. Payment card network rules generally state that cardholders are not responsible for such charges.”

While the investigation is ongoing customers have to closely monitor their payment card statements and notify any suspicious transaction.

InterContinental hotels suffered other breaches in the past, payment systems at Kimpton Hotels & Restaurants were compromised by a PoS malware discovered this summer.

InterContinental hotels were also involved in a breach suffered earlier this year by HEI Hotels & Resorts.

The hospitality sector is a privileged target of hackers, according to the experts from Trustwave also the notorious Carbanak cybercrime gang changed strategy targeting organizations in the sector.

This yeas major companies operating in the industry admitted suffering a data breach including Hard Rock Hotel & Casino Las Vegas, Trump Hotels, and Millennium Hotels & Resorts.

Stay Tuned.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – InterContinental Hotels, card breach)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

2 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

9 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

21 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

This website uses cookies.